Fix cosign

.github/workflows/build.yaml

@@ -71,20 +71,14 @@ jobs:
 
       - name: Sign the Docker image ✍️
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
-        run: |
-          for tag in ${{ steps.meta.outputs.tags }}; do
-            cosign sign --key env://COSIGN_PRIVATE_KEY docker.io/${{ tag }}
-          done
+        run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --key env://COSIGN_PRIVATE_KEY docker.io/{}
         env:
           COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
           COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
 
       - name: Verify the Docker image signature ✅
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
-        run: |
-          for tag in ${{ steps.meta.outputs.tags }}; do
-            cosign verify --key env://COSIGN_PUBLIC_KEY docker.io/${{ tag }}
-          done
+        run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign verify --key env://COSIGN_PUBLIC_KEY docker.io/{}
         env:
           COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}