Sign with cosign #82

	name: Docker Image CI

	on: [push]

	permissions:
	contents: read
	id-token: write
	attestations: write
	packages: write

	jobs:

	build:

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- name: Login to GitHub Registry
	uses: docker/login-action@v3
	with:
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	registry: ghcr.io
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Push to GitHub Registry
	id: push
	uses: docker/build-push-action@v6
	with:
	context: .
	platforms: linux/amd64,linux/arm64
	dockerfile: Dockerfile
	push: true
	tags: \|
	ghcr.io/jessedearing/debug:latest
	- name: Install cosign
	uses: sigstore/[email protected]
	- name: Sign images with GitHub OIDC
	env:
	DIGEST: ${{ steps.push.outputs.digest }}
	run: \|
	cosign sign --yes ghcr.io/jessedearing/debug:latest

Provide feedback