Bump Sigstore Cosign Version to 2.2.0

ThomasAFink · web-flow · commit 1ef38f6d8e1e · 2024-10-21T11:54:44.000+02:00
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -54,7 +54,7 @@ jobs:
         if: github.event_name != 'pull_request'
         uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
         with:
-          cosign-release: 'v2.1.1'
+          cosign-release: 'v2.2.0'
 
       # Set up BuildKit Docker container builder to be able to build
       # multi-platform images and export cache
@@ -106,4 +106,4 @@ jobs:
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
         # This step uses the identity token to provision an ephemeral certificate
         # against the sigstore community Fulcio instance.
-        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
