Debugging GHA

.github/workflows/cd.yaml

@@ -136,9 +136,10 @@ jobs:
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@7e0881f8fe90b25e305bbf0309761e9314607e25
-        with:
-          cosign-release: '${{ env.COSIGN_VERSION }}'
+        uses: sigstore/[email protected]
+        with: 
+          cosign-release: 'v2.2.2'
+
 
       # Workaround: https://github.com/docker/build-push-action/issues/461
       - name: Setup Docker buildx
@@ -193,8 +194,6 @@ jobs:
             type=ref,event=pr
             type=sha,format=long,prefix=
 
-
-
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
@@ -217,7 +216,7 @@ jobs:
           COSIGN_EXPERIMENTAL: "true"
         # This step uses the identity token to provision an ephemeral certificate
         # against the sigstore community Fulcio instance.
-        run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
+        run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }}
   helm:
     needs: [lint, test]
     runs-on: ubuntu-latest
@@ -288,7 +287,7 @@ jobs:
           helm push bin/mlflow-oidc-proxy-*.tgz "${HELM_REPO}"
           helm push bin/mlflow-multitenant-deps-*.tgz "${HELM_REPO}"
           rm -rf bin/*.tgz # The wildcard below matches the deps chart, this is a hack-y workaround
-          helm dependency build deploy/helm/mlflow-multitenant
+          helm dependency update deploy/helm/mlflow-multitenant
           helm package deploy/helm/mlflow-multitenant/ --destination bin
           helm push bin/mlflow-multitenant-*.tgz "${HELM_REPO}"