add --yes to example workflow (#110)

sebhoss · web-flow · commit bd2d1189b064 · 2023-03-06T12:38:13.000+01:00
Version 2.0 of cosign is asking users to confirm that information is
stored in public transparency logs. This interactive interaction does
not work in automated CI pipelines like GitHub actions and breaks
builds that are now starting to use 2.0. Adding --yes removes the
required user interaction and enables automated builds again.

Signed-off-by: Sebastian Hoß &lt;seb@xn--ho-hia.de&gt;
diff --git a/README.md b/README.md
@@ -135,7 +135,7 @@ jobs:
           COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
 
       - name: Sign the images with GitHub OIDC Token **not production ready**
-        run: cosign sign ${TAGS}
+        run: cosign sign --yes ${TAGS}
         env:
           TAGS: ${{ steps.docker_meta.outputs.tags }}
 ```
