fix: enable DOCKER_CONTENT_TRUST

radiorabe · Mar 10, 2023 · 5256001 · 5256001
1 parent b8158d1
commit 5256001
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -89,6 +89,8 @@ jobs:
           labels: |
             ${{ steps.meta.outputs.labels }}
             version=${{ steps.meta.outputs.version }}
+        env:
+          DOCKER_CONTENT_TRUST: 1
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -125,6 +127,8 @@ jobs:
           labels: |
             ${{ steps.meta.outputs.labels }}
             version=${{ steps.meta.outputs.version }}
+        env:
+          DOCKER_CONTENT_TRUST: 1
 
       - name: Sign the images with GitHub OIDC Token using cosign
         run: cosign sign ${TAGS}