pangolin_mirror/gerbil
1
0
Fork 0
mirror of https://github.com/fosrl/gerbil.git synced 2026-05-12 03:09:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #58 from fosrl/dependabot/github_actions/sigstore/cosign-installer-4.1.0

Browse Source 
Bump sigstore/cosign-installer from 4.0.0 to 4.1.0
This commit is contained in:
Marc Schäfer
2026-04-02 20:40:30 +02:00
committed by GitHub
parent d065897c4d 58674ec025
commit 69418a439c
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/cicd.yml vendored
View File

@@ -108,7 +108,7 @@ jobs:
- name: Install cosign
# cosign is used to sign and verify container images (key and keyless)
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
- name: Dual-sign and verify (GHCR & Docker Hub)
# Sign each image by digest using keyless (OIDC) and key-based signing,

2
.github/workflows/mirror.yaml vendored
View File

@@ -23,7 +23,7 @@ jobs:
skopeo --version
- name: Install cosign
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
- name: Input check
run: |