cosign
https://github.com/sigstore/cosign
Go
Container Signing
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Go not yet supported2 Subscribers
Add a CodeTriage badge to cosign
Help out
- Issues
- Private PKI cli constraint options
- Signing an attestation generates a misleading warning
- Issues with Signature Generation and Verification in cosign v2.4.0
- Intermediate cert and root CA must come via same source for verify to succeed
- BUG issue signing with LUNA HSM
- Smaller cosign-verify binary
- Support 'cosign sign' with private keys handled by SSH agent
- Cannot verify docker image locally with public key
- Attaching the signature artifact to the Image artifact
- how does the Sign and attach a certificate and certificate chain work
- Docs
- Go not yet supported