From 0a40c71d29bc715ecc514ef22d8ee28ff1c19aac Mon Sep 17 00:00:00 2001
From: Shubham Sharma <83682340+shubms@users.noreply.github.com>
Date: Thu, 12 Dec 2024 23:34:36 +0530
Subject: [PATCH] fix: Sign images keylessly as well

---
 .github/workflows/build.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 2384ff4..5f40a08 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -90,6 +90,7 @@ jobs:
           for tag in ${TAGS}; do
             images+="${tag}@${DIGEST} "
           done
+          cosign sign --yes ${images}
           cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${images}
 
       - name: Cleanup old images
@@ -97,4 +98,4 @@ jobs:
         with:
           package-name: ${{ matrix.image }}
           package-type: container
-          min-versions-to-keep: 60
+          min-versions-to-keep: 30