`--upload=false` doesn't work in cosign v3

**Description**

In v2.x, `cosign sign --upload=false` would skip pushing anything to the registry.
Judging by goreleaser tests, it now tries to push it anyway.

See: 

- https://github.com/goreleaser/goreleaser/blob/8c0e69642db37a8e49ce5353b38416ff03ee9468/internal/pipe/sign/sign_docker_test.go#L57
- https://github.com/goreleaser/goreleaser/actions/runs/18616945525/job/53082755040#step:23:109

It is failing with UNAUTHORIZED errors because tests are not logged in into the registry on purpose. Point is, it shouldn't have tried to upload...

**Version**

v3.0.2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

`--upload=false` doesn't work in cosign v3 #4474

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

--upload=false doesn't work in cosign v3 #4474

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

`--upload=false` doesn't work in cosign v3 #4474