FEAT: Use keys to sign instead

magicaldave · Jan 19, 2025 · 5a64c57 · 5a64c57
1 parent 543374e
commit 5a64c57
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -39,7 +39,11 @@ jobs:
 
       - uses: sigstore/cosign-installer@main
       - name: sign
-        run: cosign sign-blob -y ./target/release/${{ matrix.binary }} --bundle S3LF-${{ matrix.os }}.bundle
+        run: |
+          echo ${{ COSIGN_PUBLIC_KEY }}
+          echo ${{ COSIGN_PRIVATE_KEY }} > private.key
+          cosign sign-blob -y --key private.key ./target/release/${{ matrix.binary }} --bundle S3LF-${{ matrix.os }}.bundle
+          rm -rf private.key
 
       - name: compress
         run: 7z a -tzip ${{matrix.archive}} S3LF-${{ matrix.os }}.bundle ./target/release/${{matrix.binary}}