Regenerate cosign key pair for image signing

SecAI-Hub · claude · SecAI-Hub · commit 3a93cb88020e · 2026-03-08T22:08:33.000-07:00
The build workflow requires a cosign public/private key pair to sign
the container image. The private key is stored as the SIGNING_SECRET
GitHub secret.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/cosign.pub b/cosign.pub
@@ -1,4 +1,4 @@
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEP42H58yIV98/GrQkArabAnsfLLjr
-MI848NLkUwI29cEnc6K8qVZESVrqxP0mB9e4NCSJ57kUf0BryiR77FN9HA==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfIBFTz9lAkUblftBBD5WBY0fa8Lm
+rZZIENzLbQzn68tp2cuQre7NUhCmU/lG4QpQxADSBTRhHlXBVTbDWQtPxg==
 -----END PUBLIC KEY-----
