Changed: skip signing for now

enginedigital · Apr 9, 2024 · 09d9f5d · 09d9f5d
1 parent a44608f
commit 09d9f5d
Showing 1 changed file with 15 additions and 15 deletions.
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -76,18 +76,18 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
-      # Sign the resulting Docker image digest except on PRs and private repos
-      # The keyless signing process records signatures on the Rekor public
-      # transparency log, so signing is disabled for private repos by default
-      # to avoid leaking private data.  If you wish to sign things anyways,
-      # then this check can be removed and --force can be added to the cosign
-      # command below.
-      # https://github.com/sigstore/cosign
-      - name: Sign the published Docker image
-        if: ${{ github.event_name != 'pull_request' && !github.event.repository.private }}
-        env:
-          COSIGN_EXPERIMENTAL: "true"
-        # This step uses the identity token to provision an ephemeral certificate
-        # against the sigstore community Fulcio instance, and records it to the
-        # sigstore community Rekor transparency log.
-        run: cosign sign ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }} --no-input
+      # # Sign the resulting Docker image digest except on PRs and private repos
+      # # The keyless signing process records signatures on the Rekor public
+      # # transparency log, so signing is disabled for private repos by default
+      # # to avoid leaking private data.  If you wish to sign things anyways,
+      # # then this check can be removed and --force can be added to the cosign
+      # # command below.
+      # # https://github.com/sigstore/cosign
+      # - name: Sign the published Docker image
+      #   if: ${{ github.event_name != 'pull_request' && !github.event.repository.private }}
+      #   env:
+      #     COSIGN_EXPERIMENTAL: "true"
+      #   # This step uses the identity token to provision an ephemeral certificate
+      #   # against the sigstore community Fulcio instance, and records it to the
+      #   # sigstore community Rekor transparency log.
+      #   run: cosign sign ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}