github-personal/proxmox-cloud-controller-manager
1
0
Fork 0
mirror of https://github.com/outbackdingo/proxmox-cloud-controller-manager.git synced 2026-01-27 10:20:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
proxmox-cloud-controller-ma…/docs/cosign.md
Serge Logvinov bc879ab871 feat: cosign images 
It helps to check that image was build in github-actions.

Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
2023-08-06 10:49:26 +03:00

1.2 KiB
Raw Permalink Blame History

Verify images

We'll be employing Cosing's keyless verifications to ensure that images were built in Github Actions.

Verify Helm chart

We will verify the keyless signature using the Cosign protocol.

cosign verify ghcr.io/sergelogvinov/charts/proxmox-cloud-controller-manager:0.1.5 --certificate-identity https://github.com/sergelogvinov/proxmox-cloud-controller-manager/.github/workflows/release-charts.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com

Verify containers

We will verify the keyless signature using the Cosign protocol.

# Edge version
cosign verify ghcr.io/sergelogvinov/proxmox-cloud-controller-manager:edge --certificate-identity https://github.com/sergelogvinov/proxmox-cloud-controller-manager/.github/workflows/build-edge.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com

# Releases
cosign verify ghcr.io/sergelogvinov/proxmox-cloud-controller-manager:v0.2.0 --certificate-identity https://github.com/sergelogvinov/proxmox-cloud-controller-manager/.github/workflows/release.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com
Reference in New Issue View Git Blame Copy Permalink