Skip to content

Commit

Permalink
sign latest tag when release
Browse files Browse the repository at this point in the history
  • Loading branch information
@fqjony
fqjony committed Nov 28, 2024
1 parent 18615b7 commit f2c612c
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,9 @@ jobs:
cosign sign -y \
--key env://COSIGN_PRIVATE_KEY \
usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
cosign sign -y \
--key env://COSIGN_PRIVATE_KEY \
usabilitydynamics/udx-worker:latest
- name: Sign SBOM with Cosign
env:
Expand All @@ -142,6 +145,11 @@ jobs:
--predicate sbom.json \
--type https://spdx.dev/spdx-specification-2-2-pdf \
usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
cosign attest -y \
--key env://COSIGN_PRIVATE_KEY \
--predicate sbom.json \
--type https://spdx.dev/spdx-specification-2-2-pdf \
usabilitydynamics/udx-worker:latest
- name: Log out from Docker Hub
run: docker logout
Expand Down

0 comments on commit f2c612c

Please sign in to comment.