diff --git a/.github/actions/container_sbom/action.yml b/.github/actions/container_sbom/action.yml index 5b68d6d2b89..8093c37bb88 100644 --- a/.github/actions/container_sbom/action.yml +++ b/.github/actions/container_sbom/action.yml @@ -31,6 +31,7 @@ runs: COSIGN_PUBLIC_KEY: ${{ inputs.cosignPublicKey }} COSIGN_PRIVATE_KEY: ${{ inputs.cosignPrivateKey }} COSIGN_PASSWORD: ${{ inputs.cosignPassword }} + SYFT_ATTEST_PASSWORD: ${{ inputs.cosignPassword }} # Required for Syft 0.69.0+ as they overwrite COSIGN_PASSWORD run: | set -ex echo "$COSIGN_PRIVATE_KEY" > cosign.key