Merge pull request #360 from fosrl/github-action-cosign

Upgrade cosign installer to v4.1.2 and pin cosign version
2026-05-17 21:59:53 +00:00 · 2026-05-16 14:55:22 -07:00
parent 37aff0daa5 8736f89291
commit 2562bda187
1 changed files with 2 additions and 2 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -750,9 +750,9 @@ jobs:
          show-summary: true

      - name: Install cosign
-        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
+        uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
        with:
-          cosign-release: "v3.0.2"
+          cosign-release: v3.0.6

      - name: Sanity check cosign private key
        env: