Skip to content

Files

Latest commit

bd77584 · Oct 30, 2023

History

History

.cosign

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

Podinfo signed releases

Podinfo release assets (container image, Helm chart, Flux artifact, Timoni module) are published to GitHub Container Registry and are signed with Cosign v2 keyless & GitHub Actions OIDC.

Verify podinfo with cosign

Install the cosign CLI:

brew install sigstore/tap/cosign

Container image

Verify the podinfo container image hosted on GHCR:

cosign verify ghcr.io/stefanprodan/podinfo:6.5.0 \
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify the podinfo container image hosted on Docker Hub:

cosign verify docker.io/stefanprodan/podinfo:6.5.0 \
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Helm chart

Verify the podinfo Helm chart hosted on GHCR:

cosign verify ghcr.io/stefanprodan/charts/podinfo:6.5.0 \
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Flux artifact

Verify the podinfo Flux artifact hosted on GHCR:

cosign verify ghcr.io/stefanprodan/manifests/podinfo:6.5.0 \
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Timoni module

Verify the podinfo Timoni module hosted on GHCR:

cosign verify ghcr.io/stefanprodan/modules/podinfo:6.5.0 \
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com