signing support (action)

dowjones · Feb 24, 2023 · 361e491 · 361e491
1 parent 3b630f0
commit 361e491
Showing 1 changed file with 1 addition and 18 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -21,7 +21,7 @@ jobs:
       max-parallel: 2
       matrix:
         include:
-          # - { platform: "linux/arm64", platform-tag: "arm64" }
+          - { platform: "linux/arm64", platform-tag: "arm64" }
           - { platform: "linux/amd64", platform-tag: "amd64" }
     permissions:
       contents: read
@@ -53,7 +53,6 @@ jobs:
         platforms: ${{ matrix.platform }}
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}
-        sbom: false
         cache-from: type=gha
         cache-to: type=gha,mode=max
       env:
@@ -66,19 +65,3 @@ jobs:
         private-key-id: "${{ secrets.DOCKER_PRIVATE_KEY_ID }}"
         private-key: "${{ secrets.DOCKER_PRIVATE_KEY }}"
         private-key-passphrase: "${{ secrets.DOCKER_PRIVATE_KEY_PASSPHRASE }}"
-    # - name: Install cosign
-    #   if: github.event_name != 'pull_request'
-    #   uses: sigstore/cosign-installer@v2.8.1
-    #   with:
-    #     cosign-release: 'v1.13.1'
-    # - name: Sign container image with annotations from our environment
-    #   run: |
-    #     cosign sign --key env://COSIGN_KEY \
-    #       -a "repo=${{ github.repository }}" \
-    #       -a "workflow=${{ github.workflow }}" \
-    #       -a "ref=${{ github.sha }}" \
-    #       ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.tags }}
-    #   if: github.event_name != 'pull_request'
-    #   env:
-    #     COSIGN_KEY: ${{ secrets.COSIGN_KEY }}
-    #     COSIGN_PASSWORD: "${{ secrets.COSIGN_PASSWORD}}"