pi-farm/test2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

neuer fix
All checks were successful
Docker Build Smart Logic / Build amd64 & arm64 (push) Successful in 24s
Details

Browse Source
This commit is contained in:
info@pi-farm.de
2026-02-10 02:35:26 +01:00
parent 0c710599c6
commit 87c53f01a7
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.gitea/workflows/docker-builder.yml
View File

@@ -256,15 +256,15 @@ jobs:
env: env:
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
# Diese Variable ist der wichtigste Hebel:
COSIGN_SKIP_REKOR_UPLOAD: "true" COSIGN_SKIP_REKOR_UPLOAD: "true"
COSIGN_REPOSITORY: ${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}/signatures COSIGN_REPOSITORY: ${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}/signatures
run: | run: |
echo "$COSIGN_PRIVATE_KEY" > cosign.key echo "$COSIGN_PRIVATE_KEY" > cosign.key
# Wir erzwingen den Legacy-Modus (Tags mit .sig Endung) # Wir lassen NUR NOCH die absolut notwendigen Flags stehen.
# Wir setzen --tlog-upload=false sicherheitshalber auch hier # Keine Erwähnung von tlog oder configs mehr.
cosign sign --yes --key cosign.key \ cosign sign --yes --key cosign.key \
--tlog-upload=false \
--registry-referrers-mode legacy \ --registry-referrers-mode legacy \
"${REGISTRY_HOST}/${IMAGE_BASE}:main" "${REGISTRY_HOST}/${IMAGE_BASE}:main"