From f2c612cb77ff3036bc0b659d92141284244ff4fc Mon Sep 17 00:00:00 2001
From: Dmitry Smirnov <dmitry.smirnov@transactcampus.com>
Date: Thu, 28 Nov 2024 19:38:10 +0200
Subject: [PATCH] sign latest tag when release

---
 .github/workflows/release.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 61fe616a..07e8bd6d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -132,6 +132,9 @@ jobs:
           cosign sign -y \
             --key env://COSIGN_PRIVATE_KEY \
             usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
+          cosign sign -y \
+            --key env://COSIGN_PRIVATE_KEY \
+            usabilitydynamics/udx-worker:latest
 
       - name: Sign SBOM with Cosign
         env:
@@ -142,6 +145,11 @@ jobs:
             --predicate sbom.json \
             --type https://spdx.dev/spdx-specification-2-2-pdf \
             usabilitydynamics/udx-worker:${{ steps.gitversion.outputs.semVer }}
+          cosign attest -y \
+            --key env://COSIGN_PRIVATE_KEY \
+            --predicate sbom.json \
+            --type https://spdx.dev/spdx-specification-2-2-pdf \
+            usabilitydynamics/udx-worker:latest
 
       - name: Log out from Docker Hub
         run: docker logout