chore(actions): Separate containers by comma

.github/workflows/test-actions.yml

@@ -31,8 +31,7 @@ jobs:
       - name: Verify Chainguard images
         uses: ./verify
         with:
-          containers: |
-            bash
+          containers: apko, bash, busybox, caddy, vt
           cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main
           oidc-issuer: https://token.actions.githubusercontent.com
           registry: cgr.dev/chainguard

sign/action.yml

@@ -35,7 +35,9 @@ runs:
       shell: bash
       run: |
         REGISTRY=$(echo ${{ inputs.registry }} | awk '{print tolower($0)}')
-        cosign sign -y --key env://COSIGN_PRIVATE_KEY $REGISTRY/${CONTAINERS}@${TAGS}
+        for CONTAINER in $(echo "${CONTAINERS}" | tr "," "\n"); do
+          cosign sign -y --key env://COSIGN_PRIVATE_KEY $REGISTRY/${CONTAINER}@${TAGS}
+        done
       env:
         CONTAINERS: ${{ inputs.containers }}
         COSIGN_EXPERIMENTAL: false

verify/action.yml

@@ -30,9 +30,13 @@ runs:
       run: |
         REGISTRY=$(echo ${{ inputs.registry }} | awk '{print tolower($0)}')
         if [[ -n "${{ inputs.cert-identity }}" && -n "${{ inputs.oidc-issuer }}" ]]; then
-          cosign verify $REGISTRY/${CONTAINERS} --certificate-identity=${{ inputs.cert-identity }} --certificate-oidc-issuer=${{ inputs.oidc-issuer }}
+          for CONTAINER in $(echo "${CONTAINERS}" | tr "," "\n"); do
+            cosign verify $REGISTRY/${CONTAINER} --certificate-identity=${{ inputs.cert-identity }} --certificate-oidc-issuer=${{ inputs.oidc-issuer }}
+          done
         elif [[ -n "${{ inputs.pubkey }}" ]]; then
-          cosign verify --key ${{ inputs.pubkey }} $REGISTRY/${CONTAINERS}
+          for CONTAINER in $(echo "${CONTAINERS}" | tr "," "\n"); do
+            cosign verify --key ${{ inputs.pubkey }} $REGISTRY/${CONTAINER}
+          done
         else
           exit 1
         fi