Add signing support via cosign

2026-06-04 18:24:24 +08:00 · 2025-07-31 16:46:35 +05:30
parent ca96eb6831
commit 995afae9db
3 changed files with 3 additions and 8 deletions
@@ -843,14 +843,11 @@ func commandCosignSign(build Build, tag string, cosign CosignConfig) *exec.Cmd {
 		args = append(args, "--key", cosign.PrivateKey)
 	}

-	// Set password and non-interactive environment variables
+	// Set password environment variable if provided
 	if cosign.Password != "" {
 		os.Setenv("COSIGN_PASSWORD", cosign.Password)
 	}

-	// Set COSIGN_YES for additional non-interactive assurance
-	os.Setenv("COSIGN_YES", "true")
-
 	// Add custom parameters (after our defaults so users can override)
 	if cosign.Params != "" {
 		extraArgs := strings.Fields(cosign.Params)
@@ -26,8 +26,7 @@ LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
 RUN mkdir C:\bin

 # Install cosign for container image signing
-RUN powershell -Command \
-    "Invoke-WebRequest 'https://github.com/sigstore/cosign/releases/latest/download/cosign-windows-amd64.exe' -OutFile 'C:\bin\cosign.exe'"
+RUN powershell -Command "Invoke-WebRequest 'https://github.com/sigstore/cosign/releases/latest/download/cosign-windows-amd64.exe' -OutFile 'C:\bin\cosign.exe'"

 COPY --from=download /windows/system32/netapi32.dll /windows/system32/netapi32.dll
 COPY --from=download /app/docker.exe C:/bin/docker.exe
@@ -24,8 +24,7 @@ LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
 RUN mkdir C:\bin

 # Install cosign for container image signing
-RUN powershell -Command \
-    "Invoke-WebRequest 'https://github.com/sigstore/cosign/releases/latest/download/cosign-windows-amd64.exe' -OutFile 'C:\bin\cosign.exe'"
+RUN powershell -Command "Invoke-WebRequest 'https://github.com/sigstore/cosign/releases/latest/download/cosign-windows-amd64.exe' -OutFile 'C:\bin\cosign.exe'"

 COPY --from=download /windows/system32/netapi32.dll /windows/system32/netapi32.dll
 COPY --from=download /app/docker.exe C:/bin/docker.exe