From 72bc490583fa082645eee942d25d09834dccb0fd Mon Sep 17 00:00:00 2001
From: elchnanarbiv <45004411+elchnanarbiv@users.noreply.github.com>
Date: Wed, 25 Sep 2024 11:37:34 +0300
Subject: [PATCH] Revert sign docker

---
 .github/workflows/release.yml | 11 -----------
 .goreleaser.yml               | 10 ----------
 2 files changed, 21 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1757c7269..5c1ba97b6 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -125,17 +125,6 @@ jobs:
           SIGNING_REMOTE_SSH_HOST: ${{ secrets.SIGNING_REMOTE_SSH_HOST }}
           SIGNING_REMOTE_SSH_PRIVATE_KEY: ${{ secrets.SIGNING_REMOTE_SSH_PRIVATE_KEY }}
           SIGNING_HSM_CREDS: ${{ secrets.SIGNING_HSM_CREDS }}
-          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-          COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
-
-      - name: Verify Docker image signature
-        if: inputs.dev == false
-        run: |
-          echo "${{ secrets.COSIGN_PUBLIC_KEY }}" > cosign.pub
-          cosign verify --key cosign.pub checkmarx/ast-cli:${{ inputs.tag }}
-        env:
-          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
 
   notify:
     runs-on: ubuntu-latest
diff --git a/.goreleaser.yml b/.goreleaser.yml
index fb27f827d..95ca1e5f8 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -66,16 +66,6 @@ dockers:
       - "checkmarx/ast-cli:latest"
       - "checkmarx/ast-cli:{{ .Tag }}"
 
-docker_signs:
-  - cmd: cosign sign --key ${COSIGN_PRIVATE_KEY}
-    args:
-      - "${artifact}"
-    artifacts: images
-    env:
-      - COSIGN_PRIVATE_KEY=${{ .Env.COSIGN_PRIVATE_KEY }}
-      - COSIGN_PASSWORD=${{ .Env.COSIGN_PASSWORD }}
-
-
 archives:
   - id: cx
     builds: