From 142ad08fa3e5d25ca4ee5cc019683963e5ceeaba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20M=C3=BCnch?= <christian@muench-worms.de>
Date: Fri, 20 Dec 2024 14:48:01 +0100
Subject: [PATCH] build: reduce cosign to a minimum

---
 .github/workflows/deploy.yml | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 5ac85067..c9aacea9 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -53,21 +53,7 @@ jobs:
 
       - name: Sign PHAR file using Cosign
         run: |
-          INDEX=$(cosign sign-blob --yes --output-signature n98-magerun2.phar.sig n98-magerun2.phar | grep -oP "tlog entry created with index: \K[0-9]+")
-          if [ -z "$INDEX" ]; then
-            echo "Error: Transparency Log Entry Index not found!" >&2
-            exit 1
-          fi
-          echo "Transparency Log Entry Index: $INDEX"
-          echo "REKOR_ENTRY_INDEX=$INDEX" >> $GITHUB_ENV
-
-      - name: Display Rekor Transparency Log URL
-        run: |
-          echo "Rekor Transparency Log Entry: https://rekor.sigstore.dev/api/v1/log/entries/$REKOR_ENTRY_INDEX"
-
-      - name: Create Rekor Annotation
-        run: |
-          echo "::notice file=n98-magerun2.phar::Rekor Transparency Log Entry: https://rekor.sigstore.dev/api/v1/log/entries/$REKOR_ENTRY_INDEX"
+          cosign sign-blob --yes --output-signature n98-magerun2.phar.sig n98-magerun2.phar
 
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v6