From 855655a35a84e1d9a13df862e12971ac903c5d19 Mon Sep 17 00:00:00 2001
From: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
Date: Sat, 28 May 2022 18:59:48 -0500
Subject: [PATCH] :seedling: Signing scorecard images using cosign

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
---
 .github/workflows/publishimage.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/publishimage.yml b/.github/workflows/publishimage.yml
index 3bcd3ffcb404..57121d007e30 100644
--- a/.github/workflows/publishimage.yml
+++ b/.github/workflows/publishimage.yml
@@ -23,6 +23,7 @@ on:
   push:
     branches:
       - main
+  worflow_dispatch:
 env:
   GO_VERSION: 1.17.7
 
@@ -59,7 +60,7 @@ jobs:
             make install
             make scorecard-ko
      - name: Install Cosign
-       uses: sigstore/cosign-installer@f700e6fbbab82f6897758a3af7a8dede4e308656 # v1.2.1
+       uses: sigstore/cosign-installer@f700e6fbbab82f6897758a3af7a8dede4e308656
      - name: Sign image
-        run: |
-          cosign sign ghcr.io/${{github.repository_owner}}/stunning-tribble:${{ github.sha }}
+       run: |
+          cosign sign ghcr.io/${{github.repository_owner}}/scorecard:${{ github.sha }}