cosign
https://github.com/sigstore/cosign
Go
Container Signing
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Go not yet supported2 Subscribers
Add a CodeTriage badge to cosign
Help out
- Issues
- `dockerfile verify` command fails when stage names are used in `FROM`
- Migration of Public API in support of sigstore-go migration
- TUF client unit tests are messy and use network calls
- RFE: Support configuration to map image references to different sigstore deployments
- Error: could not parse transit key keys data as map[string]interface{}
- Add OCI image annotations to gcr.io/projectsigstore/cosign images
- Allow signing local image without registry access
- AWS KMS Keys appear to only be able to use RSASSA_PKCS1_V1_5_SHA_256 signing algorithm
- sign: Include rekor entry ID in output
- Bundle inspection and generation utilities
- Docs
- Go not yet supported