From 2dcd4fccffbf3f6a6245416caeb448a13f1f26b3 Mon Sep 17 00:00:00 2001
From: James Reeve <reevejd@users.noreply.github.com>
Date: Thu, 21 Sep 2023 11:21:09 -0400
Subject: [PATCH] fix(release): don't try to sign images that haven't been
 pushed (#26)

---
 .github/workflows/release.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 08b2e0c..d827540 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -218,11 +218,14 @@ jobs:
             SN_GITHUB_NPM_REGISTRY=https://npm.pkg.github.com
 
       - uses: sigstore/cosign-installer@main
+        if: ${{ inputs.push }}
 
       - name: Write signing key to disk
+        if: ${{ inputs.push }}
         run: echo "${{ secrets.CONTAINER_IMAGE_SIGNING_PRIVATE_KEY }}" > cosign.key
 
       - name: Sign container image
+        if: ${{ inputs.push }}
         run: |
           cosign sign --key cosign.key \
             -a "repo=${{ github.repository }}" \