ci: fix sign command #89

Workflow file for this run

.github/workflows/build-docker.yaml at 902a308

	name: Build docker
	on:
	workflow_dispatch:
	push:
	branches:
	- master
	paths:
	- dockerfiles/**
	- .github/workflows/build-docker.yaml
	pull_request:
	paths:
	- dockerfiles/**
	- .github/workflows/build-docker.yaml
	jobs:
	build-and-push:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v5
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	with:
	platforms: linux/amd64,linux/arm64
	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v3
	- name: Set up cosign
	if: ${{ github.event_name != 'pull_request' }}
	uses: sigstore/cosign-installer@v3
	- name: login to Docker Hub
	if: ${{ github.event_name != 'pull_request' }}
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: login to quay.io
	if: ${{ github.event_name != 'pull_request' }}
	uses: docker/login-action@v3
	with:
	registry: quay.io
	username: ${{ secrets.QUAYIO_USERNAME }}
	password: ${{ secrets.QUAYIO_PASSWORD }}
	- name: Build and push
	uses: docker/bake-action@v6
	id: bake
	with:
	builder: ${{ steps.buildx.outputs.name }}
	source: .
	workdir: dockerfiles
	provenance: true
	sbom: true
	push: ${{ github.event_name != 'pull_request' }}
	env:
	GIT_COMMIT: ${{ github.sha }}
	CACHE: true
	- name: Sign images
	if: ${{ github.event_name != 'pull_request' }}
	run: \|
	jq '.[] \| select(type=="object") \| select(."containerimage.digest") \| ."containerimage.digest" as $DIGEST \| ."image.name" \| split(":")[0] \| "\(.)@\($DIGEST)"' -r <<<'${{ steps.bake.outputs.metadata }}' \
	\| xargs --no-run-if-empty cosign sign --yes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: fix sign command #89

Workflow file

ci: fix sign command #89

Uh oh!

Workflow file for this run