Skip to content

fix(build): add docker.io prefix to DockerHub cosign image refs#206

Merged
bedatty merged 1 commit intodevelopfrom
fix/cosign-dockerhub-fqdn
Apr 6, 2026
Merged

fix(build): add docker.io prefix to DockerHub cosign image refs#206
bedatty merged 1 commit intodevelopfrom
fix/cosign-dockerhub-fqdn

Conversation

@bedatty
Copy link
Copy Markdown
Contributor

@bedatty bedatty commented Apr 6, 2026
edited by coderabbitai bot
Loading

Lerian

GitHub Actions Shared Workflows

Description

Adds the docker.io/ prefix to DockerHub image references used for cosign signing in build.yml and typescript-build.yml.

The cosign-sign composite action (action.yml) requires fully qualified image references (e.g., docker.io/org/app@sha256:...). GHCR refs were already correct (ghcr.io/...) and go-release.yml already used ${DOCKER_REGISTRY}/, but these two workflows were missing the registry prefix for DockerHub.

Before: lerianstudio/app@sha256:abc...
After: docker.io/lerianstudio/app@sha256:abc...

Type of Change

  • fix: Bug fix in a workflow (incorrect behavior, broken step, wrong condition)

Breaking Changes

None.

Testing

  • YAML syntax validated locally
  • Verified all existing inputs still work with default values
  • Checked that unrelated workflows are not affected

Related Issues

Related to #203

Summary by CodeRabbit

  • Chores
    • Updated Docker image reference formatting in build pipelines for improved registry compatibility with container signing.

@bedatty bedatty requested a review from a team as a code owner April 6, 2026 17:32
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 6, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 730a7b07-55e0-416e-8ad1-aca8642258e9

📥 Commits

Reviewing files that changed from the base of the PR and between baa43a2 and 5681140.

📒 Files selected for processing (2)
  • .github/workflows/build.yml
  • .github/workflows/typescript-build.yml

Walkthrough

Updated DockerHub image references in two GitHub Actions workflows to explicitly include the docker.io registry prefix when generating cosign signing references. GHCR reference generation and newline concatenation behavior unchanged.

Changes

Cohort / File(s) Summary
DockerHub Registry Prefix
.github/workflows/build.yml, .github/workflows/typescript-build.yml		 Modified cosign image reference format for DockerHub: ${DOCKERHUB_ORG}/${APP_NAME}@${DIGEST}docker.io/${DOCKERHUB_ORG}/${APP_NAME}@${DIGEST} when ENABLE_DOCKERHUB is true.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and concisely describes the primary change: adding the docker.io prefix to DockerHub cosign image references in the build workflows.
Description check ✅ Passed The description addresses all critical sections: it explains the change, identifies affected workflows, specifies the type of change (fix), confirms no breaking changes, documents testing performed, and links to the related issue.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/cosign-dockerhub-fqdn

Comment @coderabbitai help to get the list of available commands and usage tips.

@lerian-studio lerian-studio added size/XS PR changes < 50 lines workflow Changes to one or more reusable workflow files typescript Changes to TypeScript or Frontend workflows labels Apr 6, 2026
@lerian-studio
Copy link
Copy Markdown

lerian-studio commented Apr 6, 2026

🔍 Lint Analysis

Check Files Scanned Status
YAML Lint 2 file(s) ✅ success
Action Lint 2 file(s) ✅ success
Pinned Actions 2 file(s) ✅ success
Markdown Link Check no changes ⏭️ skipped
Spelling Check 2 file(s) ✅ success
Shell Check 2 file(s) ✅ success
README Check 2 file(s) ✅ success
Composite Schema no changes ⏭️ skipped

🔍 View full scan logs

@lerian-studio
Copy link
Copy Markdown

lerian-studio commented Apr 6, 2026

🛡️ CodeQL Analysis Results

Languages analyzed: actions

✅ No security issues found.

🔍 View full scan logs | 🛡️ Security tab

@bedatty bedatty merged commit 49c0216 into develop Apr 6, 2026
32 checks passed
@github-actions github-actions bot deleted the fix/cosign-dockerhub-fqdn branch April 6, 2026 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

@bedatty bedatty

Labels

size/XS PR changes < 50 lines typescript Changes to TypeScript or Frontend workflows workflow Changes to one or more reusable workflow files

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bedatty @lerian-studio