From a50a67e2ad55fd8fdc6352862d988446c1f0ffa6 Mon Sep 17 00:00:00 2001
From: Justin Marquis <34fathombelow@protonmail.com>
Date: Tue, 20 Dec 2022 14:21:45 -0800
Subject: [PATCH] chore: get image digest in seperate step (#11778)

* chore: get image digest in seperate step

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* Retrigger CI pipeline

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
---
 .github/workflows/image.yaml   | 5 ++++-
 .github/workflows/release.yaml | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml
index 897a904cd7763..08697a1bcb003 100644
--- a/.github/workflows/image.yaml
+++ b/.github/workflows/image.yaml
@@ -76,9 +76,12 @@ jobs:
       - name: Install crane to get digest of image
         uses: imjasonh/setup-crane@e82f1b9a8007d399333baba4d75915558e9fb6a4
 
-      - name: Sign Argo CD latest image
+      - name: Get digest of image
         run: |
           echo "IMAGE_DIGEST=$(crane digest quay.io/argoproj/argocd:latest)" >> $GITHUB_ENV
+
+      - name: Sign Argo CD latest image
+        run: |
           cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/argoproj/argocd@${{ env.IMAGE_DIGEST }}
           # Displays the public key to share.
           cosign public-key --key env://COSIGN_PRIVATE_KEY
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index bd5be355b7f19..564eb0f044e76 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -222,9 +222,12 @@ jobs:
       - name: Install crane to get digest of image
         uses: imjasonh/setup-crane@e82f1b9a8007d399333baba4d75915558e9fb6a4
 
+     - name: Get digest of image
+       run: |
+          echo "IMAGE_DIGEST=$(crane digest quay.io/argoproj/argocd:v${TARGET_VERSION})" >> $GITHUB_ENV
+
       - name: Sign Argo CD container images and assets
         run: |
-          echo "IMAGE_DIGEST=$(crane digest quay.io/argoproj/argocd:v${TARGET_VERSION})" >> $GITHUB_ENV
           cosign sign --key env://COSIGN_PRIVATE_KEY ${IMAGE_NAMESPACE}/argocd@${{ env.IMAGE_DIGEST }}
           cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/argocd-${TARGET_VERSION}-checksums.txt > ./dist/argocd-${TARGET_VERSION}-checksums.sig
           # Retrieves the public key to release as an asset