From e6f9108958eda8bac3a9a7ab2e15a6e377603bf9 Mon Sep 17 00:00:00 2001 From: Brian DeHamer Date: Thu, 29 Feb 2024 08:12:24 -0800 Subject: [PATCH] force signing with github private sigstore (#17) Signed-off-by: Brian DeHamer --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d3870e2..5d29b15 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -67,6 +67,8 @@ jobs: echo "sha-256=${SHA_256}" >> "$GITHUB_OUTPUT" - name: Run attest id: attest + env: + INPUT_PRIVATE-SIGNING: 'true' uses: ./ with: subject-name: 'https://api.github.com${{ env.SUBJECT }}'