From a3cff1673389c7b4b73b53316db87075d1a28329 Mon Sep 17 00:00:00 2001
From: pcmxgti <16561338+pcmxgti@users.noreply.github.com>
Date: Thu, 23 Feb 2023 18:39:02 -0500
Subject: [PATCH] signing support

---
 .github/workflows/docker.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 7afd192f..10763d79 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -56,8 +56,11 @@ jobs:
       with:
         cosign-release: 'v1.13.1'
     - name: Get signing key
-      run: echo "${{ secrets.COSIGN_KEY }}" > cosign.key
+      run: echo "$KEY" > cosign.key
+      shell: bash
       if: github.event_name != 'pull_request'
+      env:
+        KEY: ${{ secrets.COSIGN_KEY }}
     - name: Sign container image with annotations from our environment
       run: |
         cosign sign --key cosign.key \
@@ -67,4 +70,4 @@ jobs:
           ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.tags }}
       if: github.event_name != 'pull_request'
       env:
-        COSIGN_PASSWORD: "${{ secrets.SIGNING_KEY_PASSWORD}}"    
+        COSIGN_PASSWORD: "${{ secrets.COSIGN_PASSWORD}}"