for signing w/ private Sigstore instance (#16)

Signed-off-by: Brian DeHamer <bdehamer@github.com>

.github/workflows/ci.yml

@@ -60,6 +60,8 @@ jobs:
       - name: Run attest-sbom
         id: attest-sbom
         uses: ./
+        env:
+          INPUT_PRIVATE-SIGNING: 'true'
         with:
           subject-digest: 'sha256:7d070f6b64d9bcc530fe99cc21eaaa4b3c364e0b2d367d7735671fa202a03b32'
           subject-name: 'subject'
@@ -86,7 +88,10 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           sbom-format: 'spdx'
       - name: Run attest-sbom with cyclonedx format
+        id: attest-sbom
         uses: ./
+        env:
+          INPUT_PRIVATE-SIGNING: 'true'
         with:
           subject-digest: 'sha256:7d070f6b64d9bcc530fe99cc21eaaa4b3c364e0b2d367d7735671fa202a03b32'
           subject-name: 'subject'