Skip to content

Commit fcc941d

Browse files
Comment out Docker image signature verification step in release workflow (#1500)
1 parent 7200c50 commit fcc941d

1 file changed

Lines changed: 7 additions & 7 deletions

File tree

.github/workflows/release.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -138,13 +138,13 @@ jobs:
138138
run: |
139139
cosign sign --yes --key env://COSIGN_PRIVATE_KEY checkmarx/ast-cli:${{ inputs.tag }}
140140
141-
- name: Verify Docker image signature
142-
if: inputs.dev == false
143-
run: |
144-
echo "${{ secrets.COSIGN_PUBLIC_KEY }}" > cosign.pub
145-
cosign verify --key cosign.pub checkmarx/ast-cli:${{ inputs.tag }}
146-
env:
147-
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
141+
#- name: Verify Docker image signature
142+
# if: inputs.dev == false
143+
# run: |
144+
# echo "${{ secrets.COSIGN_PUBLIC_KEY }}" > cosign.pub
145+
# cosign verify --key cosign.pub checkmarx/ast-cli:${{ inputs.tag }}
146+
# env:
147+
# COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
148148

149149
- name: Create GitHub Release
150150
env:

0 commit comments

Comments
 (0)