Description
Observed in CI on :cosign attest --yes --predicate <file> --type <type> <image>@sha256:…:
Error: signing ...: signing bundle: error signing bundle: [POST /api/v1/log/entries][409]
createLogEntryConflict {"code":409,"message":"an equivalent entry already exists in the transparency log with UUID 108e9186e8c5677a…"}
#3356 solved it but my guess is that this is v2 signing and it's a different branch that doesn't handle the idempotency the same way
Looks like the error is coming from: https://github.com/sigstore/cosign/blob/main/pkg/cosign/bundle/sign.go#L122-L146
Version
Run sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003
with:
cosign-release: v3.0.5
install-dir: $HOME/.cosign
use-sudo: false
env:
REGISTRY_IMAGE: kong/kong-event-gateway-dev
Description
Observed in CI on :
cosign attest --yes --predicate <file> --type <type> <image>@sha256:…:#3356 solved it but my guess is that this is v2 signing and it's a different branch that doesn't handle the idempotency the same way
Looks like the error is coming from: https://github.com/sigstore/cosign/blob/main/pkg/cosign/bundle/sign.go#L122-L146
Version