From e88c640e4c09d517e774809a94000fdf0f4443cf Mon Sep 17 00:00:00 2001
From: bwbohl <b.w.bohl@gmail.com>
Date: Thu, 13 Feb 2025 15:06:58 +0100
Subject: [PATCH] GitHub Action: only sign non-pull-reguest images

---
 .github/workflows/docker-publish.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index cb0529c..208dfd4 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -127,6 +127,7 @@ jobs:
         # against the sigstore community Fulcio instance.
       #  run: cosign sign ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}
       - name: Sign the images with GitHub OIDC Token
+        if: ${{ github.event_name != 'pull_request' }}
         env:
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
           TAGS: ${{ steps.meta.outputs.tags }}