From ef3314514c842c8cfbd6570a7466454e1f8d6005 Mon Sep 17 00:00:00 2001
From: Jonathon Anderson <janderson@ciq.com>
Date: Sat, 9 Dec 2023 16:55:04 -0700
Subject: [PATCH] Attempt cosign signing without a key

Signed-off-by: Jonathon Anderson <janderson@ciq.com>
---
 .github/workflows/container-publish.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml
index fdf86ee..8045ea3 100644
--- a/.github/workflows/container-publish.yml
+++ b/.github/workflows/container-publish.yml
@@ -139,11 +139,9 @@ jobs:
       - name: Sign image with a key
         if: github.event_name != 'pull_request'
         run: |
-          cosign sign --yes --key env://COSIGN_PRIVATE_KEY "${TAGS}@${DIGEST}"
+          cosign sign --yes "${TAGS}@${DIGEST}"
         env:
           TAGS: ${{ steps.docker_meta.outputs.tags }}
-          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
 
       - name: Sign the images with GitHub OIDC Token