chore: comment out sign/provenance due to an issue

.github/workflows/release-workflow.yml

@@ -68,39 +68,40 @@ jobs:
           username: ${{ inputs.secret_registry && secrets[inputs.username] || inputs.username }}
           password: ${{ secrets[inputs.password] }}
 
-  sign:
-    runs-on: ubuntu-latest
-    needs: [build]
-    permissions:
-      actions: read
-      id-token: write
-      packages: write
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Sign image with cosign
-        uses: ./.github/workflows/release_sign
-        with:
-          image: ${{ format('{0}-{1}', vars[inputs.image], inputs.arch) }}
-          digest: ${{ needs.build.outputs.digest }}
-          identity: https://github.com/${{ inputs.org }}/rancher-turtles/.github/workflows/release.yaml@refs/tags/${{ inputs.tag }}
-          oids-issuer: https://token.actions.githubusercontent.com
-          registry: ${{ inputs.secret_registry && secrets[inputs.registry] || inputs.registry }}
-          username: ${{ inputs.secret_registry && secrets[inputs.username] || inputs.username }}
-          password: ${{ secrets[inputs.password] }}
+# NOTE: commented out due to an issue with the v0.3.0 release. This will be fixed in a later patch release.concurrency: 
+  # sign:
+  #   runs-on: ubuntu-latest
+  #   needs: [build]
+  #   permissions:
+  #     actions: read
+  #     id-token: write
+  #     packages: write
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v4
+  #       with:
+  #         fetch-depth: 0
+  #     - name: Sign image with cosign
+  #       uses: ./.github/workflows/release_sign
+  #       with:
+  #         image: ${{ format('{0}-{1}', vars[inputs.image], inputs.arch) }}
+  #         digest: ${{ needs.build.outputs.digest }}
+  #         identity: https://github.com/${{ inputs.org }}/rancher-turtles/.github/workflows/release.yaml@refs/tags/${{ inputs.tag }}
+  #         oids-issuer: https://token.actions.githubusercontent.com
+  #         registry: ${{ inputs.secret_registry && secrets[inputs.registry] || inputs.registry }}
+  #         username: ${{ inputs.secret_registry && secrets[inputs.username] || inputs.username }}
+  #         password: ${{ secrets[inputs.password] }}
 
-  provenance:
-    needs: [sign, build]
-    permissions:
-      actions: read
-      id-token: write
-      packages: write
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.9.0
-    with:
-      digest: ${{ needs.build.outputs.digest }}
-      image: ${{ format('{0}-{1}', vars[inputs.image], inputs.arch) }}
-    secrets:
-      registry-username: ${{ inputs.secret_registry && secrets[inputs.username] || inputs.username }}
-      registry-password: ${{ secrets[inputs.password] }}
+  # provenance:
+  #   needs: [sign, build]
+  #   permissions:
+  #     actions: read
+  #     id-token: write
+  #     packages: write
+  #   uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.9.0
+  #   with:
+  #     digest: ${{ needs.build.outputs.digest }}
+  #     image: ${{ format('{0}-{1}', vars[inputs.image], inputs.arch) }}
+  #   secrets:
+  #     registry-username: ${{ inputs.secret_registry && secrets[inputs.username] || inputs.username }}
+  #     registry-password: ${{ secrets[inputs.password] }}