Update ci.yml

tamalerhino · web-flow · commit e618d11bfd9c · 2024-10-19T16:04:44.000-05:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -102,11 +102,16 @@ jobs:
     steps:
       - name: Install Cosign
         uses: sigstore/cosign-installer@v3.7.0
+      - name: Write public key to disk
+        run: 'echo "$KEY" > cosign.key'
+        shell: bash
+        env:
+          KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
       - name: Check images
         run: |
           docker buildx imagetools inspect ${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
           docker pull ${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
-          cosign verify --key env://COSIGN_KEY ${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} 
+          cosign verify --key cosign.key ${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} 
       - uses: anchore/sbom-action@v0
         with:
           image: ${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
