diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index f958c96..ca9b397 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -206,11 +206,10 @@ jobs: - name: Create manifest list and push working-directory: /tmp/digests run: | - jq -crj '.tags | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON" > /tmp/extra-manifest.json + jq -crj '{"annotations": .labels}' <<< "$DOCKER_METADATA_OUTPUT_JSON" > /tmp/extra-manifest.json TAGS="$(jq -crj '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")" - docker buildx imagetools create ${TAGS} \ + docker buildx imagetools create -f /tmp/extra-manifest.json ${TAGS} \ $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) - docker buildx imagetools create --append -f /tmp/extra-manifest.json ${TAGS} # Sign the resulting Docker image digest except on PRs. # This will only write to the public Rekor transparency log when the Docker