From a93217ce90869d8c6852a82a385acae622f175ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vojt=C4=9Bch=20Mare=C5=A1?= <vojtech@mares.cz>
Date: Mon, 8 Sep 2025 15:21:52 +0200
Subject: [PATCH] refactor: sign multiple images instead of only one
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Vojtěch Mareš <vojtech@mares.cz>
---
 .woodpecker/release.yaml | 8 ++++----
 Dockerfile               | 2 +-
 doc.md => docs.md        | 6 ++++--
 entrypoint.sh            | 8 +++++---
 4 files changed, 14 insertions(+), 10 deletions(-)
 rename doc.md => docs.md (83%)

diff --git a/.woodpecker/release.yaml b/.woodpecker/release.yaml
index 8c7b394..f6e0518 100644
--- a/.woodpecker/release.yaml
+++ b/.woodpecker/release.yaml
@@ -51,7 +51,7 @@ steps:
     commands:
       - echo $COSIGN_KEY > ./cosign.key
 
-  check-cosign-key:
-    image: alpine
-    commands:
-      - ls
+  sign-next:
+    image: registry.mareshq.com/woodpecker-plugins/cosign-sign:next
+    settings:
+      image: registry.mareshq.com/woodpecker-plugins/cosign-sign:next
diff --git a/Dockerfile b/Dockerfile
index c5f03bf..bc967a5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 FROM alpine:3.22
 
-RUN apk add --no-cache ca-certificates cosign
+RUN apk add --no-cache ca-certificates cosign jq
 
 COPY entrypoint.sh /entrypoint.sh
 
diff --git a/doc.md b/docs.md
similarity index 83%
rename from doc.md
rename to docs.md
index 0a12aee..c66cea2 100644
--- a/doc.md
+++ b/docs.md
@@ -18,12 +18,14 @@ steps:
   prettier:
     image: registry.mareshq.com/woodpecker-plugins/cosign-sign
     settings:
-      image: registry.example.com/app:latest
+      images:
+        - registry.example.com/app:latest
+        - registry.example.com/app:v1
 ```
 
 ## Settings
 
 | Settings Name | Type    | Default | Description                                                                 |
 | ------------- | ------- | ------- | --------------------------------------------------------------------------- |
-| `image`       | string | empty    | Image name including tag. |
+| `images`       | string | empty    | List of image names including tag. |
 | `key_path`       | string | `./cosign.key`    | Path to signing key |
diff --git a/entrypoint.sh b/entrypoint.sh
index 27dca74..2a9a042 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,8 +1,10 @@
 #! /bin/sh
 
-if [ -z ${PLUGIN_IMAGE+x} ]; then
-    echo "ERROR: image setting is required."
+if [ -z ${PLUGIN_IMAGES+x} ]; then
+    echo "ERROR: images setting is required."
     exit 1
 fi
 
-cosign sign --key "${PLUGIN_KEY_PATH:-"./cosign.key"}" "${PLUGIN_IMAGE}"
+echo "${PLUGIN_IMAGES}" | jq '.[]' | while read -r image; do
+    cosign sign --key "${PLUGIN_KEY_PATH:-"./cosign.key"}" "${image}"
+done