Update sign output to note when signatures are pushed

cmd/cosign/cli/generate/generate_key_pair.go

@@ -144,13 +144,13 @@ func isTerminal() bool {
 func getPassFromTerm(confirm bool) ([]byte, error) {
 	fmt.Fprint(os.Stderr, "Enter password for private key: ")
 	pw1, err := term.ReadPassword(0)
+	fmt.Fprintln(os.Stderr)
 	if err != nil {
 		return nil, err
 	}
 	if !confirm {
 		return pw1, nil
 	}
-	fmt.Fprintln(os.Stderr)
 	fmt.Fprint(os.Stderr, "Enter password for private key again: ")
 	pw2, err := term.ReadPassword(0)
 	fmt.Fprintln(os.Stderr)

cmd/cosign/cli/sign/sign.go

@@ -203,15 +203,6 @@ func signDigest(ctx context.Context, digest name.Digest, payload []byte, ko KeyO
 		}
 	}
 
-	out := os.Stdout
-	if output != "" {
-		out, err = os.Create(output)
-		if err != nil {
-			return errors.Wrap(err, "create signature file")
-		}
-		defer out.Close()
-	}
-
 	var s icos.Signer
 	s = ipayload.NewSigner(sv, nil, nil)
 	s = ifulcio.NewSigner(s, sv.Cert, sv.Chain)
@@ -232,8 +223,17 @@ func signDigest(ctx context.Context, digest name.Digest, payload []byte, ko KeyO
 	if err != nil {
 		return err
 	}
-	if _, err := out.Write([]byte(b64sig)); err != nil {
-		return errors.Wrap(err, "write signature to file")
+
+	if output != "" {
+		out, err := os.Create(output)
+		if err != nil {
+			return errors.Wrap(err, "create signature file")
+		}
+		defer out.Close()
+
+		if _, err := out.Write([]byte(b64sig)); err != nil {
+			return errors.Wrap(err, "write signature to file")
+		}
 	}
 
 	if !upload {
@@ -252,6 +252,8 @@ func signDigest(ctx context.Context, digest name.Digest, payload []byte, ko KeyO
 		return errors.Wrap(err, "constructing client options")
 	}
 
+	fmt.Fprintln(os.Stderr, "Pushing signature to:", digest.Repository)
+
 	// Publish the signatures associated with this entity
 	if err := ociremote.WriteSignatures(digest.Repository, newSE, walkOpts...); err != nil {
 		return err