Failure in TUF-on-CI online signing

[sigstore-bot]

Workflow run failed for TUF-on-CI online signing.

Failed run: https://github.com/sigstore/root-signing/actions/runs/10666187470

CC @sigstore/tuf-root-signing-codeowners, please have a look.

[jku]

This failure happened after (the second) attempt at merging initial signing event: looks like the signing succceeds but push to main does not.

Online sign (snapshot & timestamp)
[main 1fb8aaa] Online sign (snapshot & timestamp)
 2 files changed, 11 insertions(+), 26 deletions(-)
remote: error: GH006: Protected branch update failed for refs/heads/main.        
remote: error: 2 of 2 required status checks are expected.        
To https://github.com/sigstore/root-signing
 ! [remote rejected] HEAD -> main (protected branch hook declined)

The reason seems to be that there are required status checks (DCO and yamllint). This was fine in the previous system where the commit was included in the PR (which was then automatically merged) but does not work in new system where the commit is just automatically merged to main -- status checks are not available in this case

[sigstore-bot]

Workflow run failed for TUF-on-CI online signing.

Failed run: https://github.com/sigstore/root-signing/actions/runs/10668039366