CI: Use a GH variable for IMAGE_URI

.github/workflows/build-push-image.yml

@@ -273,8 +273,13 @@ jobs:
       COSIGN_YES: true
     needs:
       - merge
-    # outputs: add signature location ?
+    outputs:
+      image_uri: ${{ steps.params.outputs.image_uri }}
     steps:
+      - name: Prepare env
+        run: |-
+          echo "IMAGE_URI=${{ inputs.registry }}/${{ inputs.image_name }}:${{ needs.merge.outputs.tag }}@${{ needs.merge.outputs.digest_root }}" >> $GITHUB_ENV
+
       - name: Install Cosign
         uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a
         with:
@@ -309,15 +314,14 @@ jobs:
 
       - name: Sign container
         run: |-
-          export IMAGE_URI="${{ inputs.registry }}/${{ inputs.image_name }}:${{ needs.merge.outputs.tag }}@${{ needs.merge.outputs.digest_root }}"
+          cosign sign -d --yes --key=${{ inputs.key_name }}.key "${{ env.IMAGE_URI }}"
-          cosign sign -d --yes --key=${{ inputs.key_name }}.key "$IMAGE_URI"
         shell: bash
 
       - name: Get the container image from the registry
         # It contains the image and the signatures
         run: |-
-          export IMAGE_URI="${{ inputs.registry }}/${{ inputs.image_name }}:${{ needs.merge.outputs.tag }}@${{ needs.merge.outputs.digest_root }}"
+          cosign save ${{ env.IMAGE_URI }} --dir dz-container
-          cosign save $IMAGE_URI --dir dz-container
+          mkdir share
           cd dz-container
           tar -cvf ../share/container.tar .
           cd ..
@@ -326,7 +330,7 @@ jobs:
         id: cache-container-image
         uses: actions/cache@v4
         with:
-          key: v6-container-${{ inputs.registry }}/${{ inputs.image_name }}:${{ needs.merge.outputs.tag }}@${{ needs.merge.outputs.digest_root }}"
+          key: v6-container-${{ env.IMAGE_URI }}
           path: |-
             share/container.tar