diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml index 6a0dae411..81d25d90c 100644 --- a/.github/workflows/release-please.yaml +++ b/.github/workflows/release-please.yaml @@ -86,12 +86,19 @@ jobs: runs-on: ubuntu-latest if: ${{ needs.release-please.outputs.release_created }} steps: + - name: Log in to the Container registry + uses: docker/login-action@ec9cdf07d570632daeb912f5b2099cb9ec1d01e6 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Install Cosign uses: sigstore/cosign-installer@bd2d1189b064bcddc3903176a807dcdba72d7fd0 - name: Sign the image run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ needs.container-release.outputs.image_digest }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ needs.container-release.outputs.digest }} cosign public-key --key env://COSIGN_PRIVATE_KEY --outfile ${{ env.PUBLIC_KEY_FILE }} env: COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}