From 13db94721aa5a67e4f0e01e8360b52f223d5a5de Mon Sep 17 00:00:00 2001
From: Carl Tashian <carl@smallstep.com>
Date: Thu, 28 Sep 2023 17:06:03 -0700
Subject: [PATCH] Fix cosign identity regexp

---
 .goreleaser.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.goreleaser.yml b/.goreleaser.yml
index 1dd1be0b..255659db 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -164,11 +164,11 @@ release:
 
     ```
     cosign verify-blob \
-      --certificate ~/Downloads/step-ca_darwin_{{ .Version }}_amd64.tar.gz.sig.pem \
-      --signature ~/Downloads/step-ca_darwin_{{ .Version }}_amd64.tar.gz.sig \
-      --certificate-identity-regexp "https://github\.com/smallstep/certificates/.*" \
+      --certificate step-ca_darwin_{{ .Version }}_amd64.tar.gz.sig.pem \
+      --signature step-ca_darwin_{{ .Version }}_amd64.tar.gz.sig \
+      --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
       --certificate-oidc-issuer https://token.actions.githubusercontent.com \
-      ~/Downloads/step-ca_darwin_{{ .Version }}_amd64.tar.gz
+      step-ca_darwin_{{ .Version }}_amd64.tar.gz
     ```
 
     The `checksums.txt` file (in the `Assets` section below) contains a checksum for every artifact in the release.