diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index a21bfce..d9d6fe3 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -207,8 +207,10 @@ jobs: working-directory: /tmp/digests run: | jq -crj '.tags | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON" > /tmp/extra-manifest.json - docker buildx imagetools create -f /tmp/extra-manifest.json $(jq -crj '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + TAGS="$(jq -crj '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")" + docker buildx imagetools create -f /tmp/extra-manifest.json ${TAGS} \ $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) + docker buildx imagetools create -f /tmp/extra-manifest.json --append ${TAGS} # Sign the resulting Docker image digest except on PRs. # This will only write to the public Rekor transparency log when the Docker