From 2fbd69bc0d56b6703faf2f6cc611dc63e40f066b Mon Sep 17 00:00:00 2001 From: Peter Dedene Date: Thu, 4 Jul 2024 20:11:41 +0200 Subject: [PATCH] Add cosign tool --- .github/workflows/build.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f275f08..ecb23df 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -74,9 +74,6 @@ jobs: labels: | org.opencontainers.image.title=ruby - - name: Install Cosign - uses: sigstore/cosign-installer@v3.2.0 - - name: Login to Docker Hub uses: docker/login-action@v3 with: @@ -135,10 +132,18 @@ jobs: needs: - build + permissions: + id-token: write # keyless Cosign signatures + packages: write # GHCR + contents: write # git tags + steps: - name: Checkout repo uses: actions/checkout@v4 + - name: Install Cosign + uses: sigstore/cosign-installer@v3.2.0 + - name: Download digests uses: actions/download-artifact@v4 with: