bake: sign github actions cache blobs

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>

Author: crazy-max

.github/workflows/bake.yml

@@ -424,36 +424,21 @@ jobs:
             
             const ghaCacheSignScriptPath = path.join(os.tmpdir(), `ghacache-sign-script.sh`);
             core.info(`Writing GitHub Actions cache sign script to ${ghaCacheSignScriptPath}`);
-            await fs.writeFileSync(ghaCacheSignScriptPath, inpGHACacheSignScript);
+            await fs.writeFileSync(ghaCacheSignScriptPath, inpGHACacheSignScript, {mode: 0o700});
             
             core.info(`Copying GitHub Actions cache sign script to BuildKit container ${containerName}`);
             await exec.exec('docker', [
               'cp',
               ghaCacheSignScriptPath,
               `${containerName}:/usr/bin/ghacache-sign-script.sh`
             ]);
-            await exec.exec('docker', [
-              'exec',
-              containerName,
-              'chmod', '+x', '/usr/bin/ghacache-sign-script.sh'
-            ]);
-            await exec.exec('docker', [
-              'exec',
-              containerName,
-              'cat', '/usr/bin/ghacache-sign-script.sh'
-            ]);
             
             core.info(`Copying cosign binary to BuildKit container ${containerName}`);
             await exec.exec('docker', [
               'cp',
               cosignPath,
               `${containerName}:/usr/bin/cosign`
             ]);
-            await exec.exec('docker', [
-              'exec',
-              containerName,
-              'chmod', '+x', '/usr/bin/cosign'
-            ]);
       -
         name: Prepare
         id: prepare