From 5d8bada281ed2131a5f2ac09a3c211d1060be337 Mon Sep 17 00:00:00 2001
From: tux2000 <tux2000@users.noreply.github.com>
Date: Tue, 23 Jul 2024 10:48:51 +0200
Subject: [PATCH 1/3] try to fix cosign

---
 .github/workflows/docker-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index e81e18e..7c9e36c 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -44,7 +44,7 @@ jobs:
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@1e95c1de343b5b0c23352d6417ee3e48d5bcd422
+        uses: sigstore/cosign-installer@v3.5.0
         with:
           cosign-release: 'v1.4.0'
 

From 78a7cce1eea77914687805b1edd224261a7d0aee Mon Sep 17 00:00:00 2001
From: tux2000 <tux2000@users.noreply.github.com>
Date: Tue, 23 Jul 2024 10:52:33 +0200
Subject: [PATCH 2/3] Cosign version bump

---
 .github/workflows/docker-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 7c9e36c..437cbcb 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -46,7 +46,7 @@ jobs:
         if: github.event_name != 'pull_request'
         uses: sigstore/cosign-installer@v3.5.0
         with:
-          cosign-release: 'v1.4.0'
+          cosign-release: 'v2.2.4'
 
 
       # Workaround: https://github.com/docker/build-push-action/issues/461

From e63281d5ea8596dbe98eedec083ad7d03178c857 Mon Sep 17 00:00:00 2001
From: tux2000 <tux2000@users.noreply.github.com>
Date: Tue, 23 Jul 2024 10:59:02 +0200
Subject: [PATCH 3/3] Auto-approve cosign questions

---
 .github/workflows/docker-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 437cbcb..7e927f3 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -94,4 +94,4 @@ jobs:
           COSIGN_EXPERIMENTAL: "true"
         # This step uses the identity token to provision an ephemeral certificate
         # against the sigstore community Fulcio instance.
-        run: cosign sign ${{ env.REGISTRY }}/${{ steps.lowercaseRepo.outputs.lowercase }}@${{ steps.build-and-push.outputs.digest }}
+        run: cosign sign --yes ${{ env.REGISTRY }}/${{ steps.lowercaseRepo.outputs.lowercase }}@${{ steps.build-and-push.outputs.digest }}