From 4306ac1c56ff42aad1afc148f7df4369232c8f01 Mon Sep 17 00:00:00 2001
From: Justin Marquis <34fathombelow@protonmail.com>
Date: Wed, 14 Dec 2022 17:40:28 -0800
Subject: [PATCH] chore: use docker login to sign images

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
---
 .github/workflows/release.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index be2b5465c0..055a7ae1e6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -149,6 +149,14 @@ jobs:
 
           cd /tmp && tar -zcf sbom.tar.gz *.spdx
 
+      - name: Login to Quay.io
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }}
+
       - name: Install cosign
         uses: sigstore/cosign-installer@main
         with: