chore(deps): update dependency sigstore/cosign to v3.0.4

2026-02-02 23:03:37 +00:00
5 changed files with 5 additions and 7 deletions
--- a/.gitea/workflows/artifacthub-metadata.yaml
+++ b/.gitea/workflows/artifacthub-metadata.yaml
@@ -13,7 +13,7 @@ jobs:
    - uses: actions/checkout@v6.0.2
    - uses: sigstore/cosign-installer@v4.0.0
      with:
-        cosign-release: "v3.0.3" # renovate: datasource=github-tags depName=sigstore/cosign
+        cosign-release: "v3.0.4" # renovate: datasource=github-tags depName=sigstore/cosign
    - uses: docker/login-action@v3.7.0
      with:
        registry: git.cryptic.systems
@@ -38,7 +38,6 @@ jobs:
        echo "${COSIGN_PUBLIC_KEY}" > cosign.pub
        oras push git.cryptic.systems/volker.raschek/dcmerge:cosign.pub \
          --artifact-type application/vnd.dev.cosign.public-key.v1 \
-          --annotation org.opencontainers.image.title=cosign.pub \
          cosign.pub:application/vnd.dev.cosign.public-key.v1

    - name: Push artifacthub-repo.yml to docker.io
@@ -53,4 +52,4 @@ jobs:
        echo "${COSIGN_PUBLIC_KEY}" > cosign.pub
        oras push docker.io/volkerraschek/dcmerge:cosign.pub \
          --artifact-type application/vnd.dev.cosign.public-key.v1 \
-          cosign.pub:application/vnd.dev.cosign.public-key.v1
+          cosign.pub:application/vnd.dev.cosign.public-key.v1
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -33,7 +33,7 @@ jobs:
        rm syft_${SYFT_VERSION}_${OS}_${ARCH}.deb
    - uses: sigstore/cosign-installer@v4.0.0
      with:
-        cosign-release: "v2.6.2" # renovate: datasource=github-tags depName=sigstore/cosign
+        cosign-release: "v3.0.4" # renovate: datasource=github-tags depName=sigstore/cosign
    - uses: docker/setup-qemu-action@v3.7.0
    - uses: docker/setup-buildx-action@v3.12.0
    - uses: actions/setup-go@v6.2.0
@@ -72,6 +72,6 @@ jobs:
          --dest-password ${{ secrets.DOCKER_IO_PASSWORD }} \
          --dest-username ${{ secrets.DOCKER_IO_USERNAME }} \
          --src-password ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} \
-          --src-username ${{ github.repository_owner }} \
+          --src-username volker.raschek \
            docker://git.cryptic.systems/volker.raschek/dcmerge:${TAG} \
            docker://docker.io/volkerraschek/dcmerge:${TAG}
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -104,7 +104,6 @@ dockers_v2:

    io.artifacthub.package.alternative-locations: "docker.io/volkerraschek/{{ .ProjectName }}:{{ .Version }}"
    io.artifacthub.package.keywords: "docker,docker-compose,merge,ci"
-    io.artifacthub.package.logo-url: "https://git.cryptic.systems/volker.raschek/{{ .ProjectName }}/raw/tag/v{{ .Version }}/icons/icon.png"
    io.artifacthub.package.license: "MIT"
    io.artifacthub.package.readme-url: "https://git.cryptic.systems/volker.raschek/{{ .ProjectName }}/raw/tag/v{{ .Version }}/README.md"

@@ -345,7 +344,7 @@ docker_signs:
  #   '':        images built by dockers_v2
  #
  # Default: ''.
-  artifacts: manifests
+  artifacts: all

  # IDs of the artifacts to sign.
  ids:
--- a/icons/icon.png
+++ b/icons/icon.png
--- a/icons/icon_32x32.png
+++ b/icons/icon_32x32.png