From 957aebd56c0af8afe388fe096d37e290c2e4605b Mon Sep 17 00:00:00 2001
From: xboard <xboard@xboard.one>
Date: Tue, 7 Jan 2025 23:10:51 -0500
Subject: [PATCH] update docker-publish.yml

---
 .github/workflows/docker-publish.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index cd5d034..a16a963 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -57,6 +57,7 @@ jobs:
         run: echo "version=$(git describe --tags --always)" >> $GITHUB_OUTPUT
 
       - name: Build and push
+        id: build-and-push
         uses: docker/build-push-action@v5
         with:
           context: .
@@ -77,7 +78,10 @@ jobs:
           cosign-release: 'v2.2.2'
 
       - name: Sign image
+        if: steps.build-and-push.outputs.digest != ''
         env:
-          TAGS: ${{ steps.meta.outputs.tags }}
-          DIGEST: ${{ steps.build-and-push.outputs.digest }}
-        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+          COSIGN_EXPERIMENTAL: 1
+        run: |
+          for tag in ${{ steps.meta.outputs.tags }}; do
+            cosign sign --yes "${tag}@${{ steps.build-and-push.outputs.digest }}"
+          done