From a314baa0ccfb5cc84a8c577335656d6b9bfa0252 Mon Sep 17 00:00:00 2001
From: Jiri Podivin <jpodivin@redhat.com>
Date: Fri, 4 Oct 2024 10:13:37 +0200
Subject: [PATCH] Improving publishing workflow for images

* Cosign installer version bumped
* Workflow can now be triggered manually
* Minor formatting change

Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
---
 .github/workflows/docker-publish.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 9975f1d..49fb3ea 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -1,4 +1,4 @@
-name: Docker
+name: Docker Build and Publish
 
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
@@ -12,12 +12,11 @@ on:
     tags: [ 'v*.*.*' ]
   pull_request:
     branches: [ "main" ]
-
+  workflow_dispatch:
 env:
   REGISTRY: quay.io
   IMAGE_NAME: logdetective/website
 
-
 jobs:
   build:
 
@@ -33,13 +32,14 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v3
 
-      # Install the cosign tool except on PR
+      # Install and test the cosign tool except on PR
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
         if: ${{ github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') }}
-        uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
-        with:
-          cosign-release: 'v2.1.1'
+        uses: sigstore/cosign-installer@v3.6.0
+      - name: Check install!
+        if: ${{ github.event_name != 'pull_request' && contains(github.ref, 'refs/tags/') }}
+        run: cosign version
 
       # Set up BuildKit Docker container builder to be able to build
       # multi-platform images and export cache