Bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#251)

* Bump sigstore/cosign-installer from 2.8.1 to 3.0.1 Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update .goreleaser.yaml Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
sigstore · Mar 6, 2023 · b089b76 · b089b76
1 parent 941a084
commit b089b76
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -30,7 +30,7 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-go-
 
-      - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1
+      - uses: sigstore/cosign-installer@c3667d99424e7e6047999fb6246c0da843953c65 # v3.0.1
         with:
           cosign-release: 'v2.0.0' # optional
       - uses: anchore/sbom-action/download-syft@07978da4bdb4faa726e52dfc6b1bed63d4b56479 # v0.13.3

diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml
@@ -25,7 +25,7 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-go-
 
-      - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1
+      - uses: sigstore/cosign-installer@c3667d99424e7e6047999fb6246c0da843953c65 # v3.0.1
         with:
           cosign-release: 'v2.0.0' # optional
       - uses: anchore/sbom-action/download-syft@07978da4bdb4faa726e52dfc6b1bed63d4b56479 # v0.13.3

diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -81,7 +81,7 @@ sboms:
 signs:
 - cmd: cosign
   env:
-  - COSIGN_EXPERIMENTAL=1
+  - COSIGN_YES=true
   certificate: '${artifact}.pem'
   signature: '${artifact}.sig'
   args: