Added cosign

.drone.yml

@@ -89,7 +89,7 @@ kind: pipeline
 type: kubernetes
 name: build:tags
 steps:
-  - name: build $DRONE_TAG
+  - name: build_tag
     image: plugins/docker
     user: 0
     depends_on: [clone]
@@ -103,14 +103,23 @@ steps:
         - "${DRONE_TAG}"
       registry: registry.odit.services
       mtu: 1000
-  - name: gitea_release
+  - name: sign_image
-    image: plugins/gitea-release
+    depends_on: [build_tag]
-    settings:
+    image: registry.odit.services/hub/library/alpine:edge
-      title: Release ${DRONE_TAG}
+    commands:
-      note: "Pull: `docker pull registry.odit.services/library/nginx-brotli:${DRONE_TAG}`"
+      - apk add cosign docker
-      api_key:
+      - echo $COSIGN_KEY > cosign.key
-        from_secret: gitea_token
+      - echo $DOCKER_PASSWORD | docker login registry.odit.services -u $DOCKER_USERNAME --password-stdin
-      base_url: https://git.odit.services
+      - cosign sign --key cosign.key registry.odit.services/library/nginx-brotli:${DRONE_TAG}
+    environment:
+      COSIGN_KEY:
+        from_secret: cosign_key
+      COSIGN_PASSWORD:
+        from_secret: cosign_password
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      DOCKER_USERNAME:
+        from_secret: docker_username
 trigger:
   event:
     - tag