Open travier opened 10 months ago
I can not use this action to sign a container with sigstore when pushing it.
Add an option to the GitHub Action to be able to pass a sigstore private key to use when pushing to sign the containers.
The cosign action does not let me push and sign a container in a single atomic step.
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/assembly_signing-container-images_building-running-and-managing-containers#proc_signing-container-images-with-sigstore-signatures-using-a-private-key_assembly_signing-container-images
CC @vrothberg
travier
commented
10 months ago travier
commented
10 months ago
Is your feature request related to a problem? Please describe.
I can not use this action to sign a container with sigstore when pushing it.
Describe the solution you'd like
Add an option to the GitHub Action to be able to pass a sigstore private key to use when pushing to sign the containers.
Describe alternatives you've considered
The cosign action does not let me push and sign a container in a single atomic step.
Additional context
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/assembly_signing-container-images_building-running-and-managing-containers#proc_signing-container-images-with-sigstore-signatures-using-a-private-key_assembly_signing-container-images