ci: attempt to fix DCT key

.github/workflows/build-publish-signed.yml

@@ -24,11 +24,12 @@ jobs:
  - name: Load DCT delegation key
  env:
  DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DCT_KEY_PASSPHRASE }}
- DCT_KEY_BASE64: ${{ secrets.DCT_KEY_BASE64 }}
+ DCT_KEY_PATH: ~/.docker/trust/private/${{ vars.DCT_KEY_ID }}.key
  run: |
- echo "$DCT_KEY_BASE64" | base64 -d > delegation.key
- chmod 600 delegation.key
- docker trust key load delegation.key --name gha
+ mkdir -p ~/.docker/trust/private
+ echo "${{ secrets.DCT_KEY_BASE64 }}" | base64 -d -o "$DCT_KEY_PATH"
+ chmod 600 "$DCT_KEY_PATH"
+ docker trust key load "$DCT_KEY_PATH" --name gha
 
  - name: Login to DockerHub
  uses: docker/login-action@v3
@@ -50,4 +51,7 @@ jobs:
  docker trust inspect --pretty ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
 
  - name: Remove DCT delegation key
- run: rm delegation.key
+ env:
+ DCT_KEY_PATH: ~/.docker/trust/private/${{ vars.DCT_KEY_ID }}.key
+ run: |
+ rm "$DCT_KEY_PATH"