devcontainers / ci

A GitHub Action and Azure DevOps Task designed to simplify using Dev Containers (https://containers.dev) in CI/CD systems.
MIT License

Set image digest in output #286

Open mmalyska opened 3 months ago

mmalyska commented 3 months ago

I need to have the pushed image digest so it can be signed with cosign. Example action step:

      - name: Sign the published Docker image
        if: ${{ github.event_name != 'pull_request' }}
        env:
          TAGS: ${{ steps.meta.outputs.tags }}
          DIGEST: ${{ steps.build-and-push.outputs.digest }}
        # This step uses the identity token to provision an ephemeral certificate
        # against the sigstore community Fulcio instance.
        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

chrmarti commented 3 months ago

I don't see a way of getting this from docker buildx build, so the action or the CLI would have to extract the digest.

I suggest you do this in your build script by adding a unique tag with the imageTag input (which accepts a comma-separated list in case you already use it) of the devcontainer action and using that tag to look up the digest from docker inspect.
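
One way to do the lookup suggested above, as an added example that is not part of the thread or the project's own code. The function names, repository and tag values are assumptions made up for illustration. `RepoDigests` is only populated once the image has been pushed to or pulled from a registry, and it can hold entries for several repositories, so the entry for the repository being signed is selected explicitly.

```shell
#!/bin/sh
# Added example (not from the devcontainers/ci project): resolve the registry
# digest of an image from the unique tag passed to the action's imageTag input.

# Read RepoDigests entries (one "repo@sha256:<hex>" per line) on stdin and
# print the digest recorded for the given repository.
# Returns 1 if no entry matches or the digest is not a well-formed sha256.
digest_for_repo() {
  repo=$1
  while IFS= read -r entry; do
    case "$entry" in
      "$repo"@sha256:*)
        digest=${entry#"$repo"@}
        hex=${digest#sha256:}
        # A sha256 digest is exactly 64 lowercase hex characters.
        if [ "${#hex}" -eq 64 ] && [ -z "$(printf '%s' "$hex" | tr -d '0-9a-f')" ]; then
          printf '%s\n' "$digest"
          return 0
        fi
        ;;
    esac
  done
  return 1
}

# Ask the local Docker engine for the digests of the uniquely tagged image.
# An empty RepoDigests list (image never pushed) makes this fail rather than
# hand an empty value to the signing step.
lookup_digest() {
  repo=$1
  tag=$2
  docker image inspect \
    --format '{{range .RepoDigests}}{{println .}}{{end}}' "$repo:$tag" |
    digest_for_repo "$repo"
}

# Usage in a workflow step after the push (values are constructed placeholders):
#   digest=$(lookup_digest ghcr.io/example/devcontainer "build-${GITHUB_SHA}") || exit 1
#   echo "digest=${digest}" >> "$GITHUB_OUTPUT"
```

The resulting `sha256:...` value has the form the `cosign sign` step in the question expects after the `@`.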