Serge Logvinov 562e7384f7 feat: sign images
Helm chart and image signed by Cosign.
Now you can verify that images were built by GitHub Actions.

Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
2023-08-08 07:59:49 +03:00


Verify images

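We'll be employing Cosign's keyless verification to ensure that images were built in GitHub Actions. Each command below pins both the signing certificate's identity (the workflow file and Git ref that produced the signature) and the OIDC issuer, so verification fails for a signature created by any other workflow, ref or issuer.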

Verify Helm chart

We will verify the keyless signature using the Cosign protocol.

cosign verify ghcr.io/siderolabs/charts/talos-cloud-controller-manager:0.2.1 --certificate-identity https://github.com/siderolabs/talos-cloud-controller-manager/.github/workflows/release-charts.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com

Verify containers

We will verify the keyless signature using the Cosign protocol.

# Edge version
cosign verify ghcr.io/siderolabs/talos-cloud-controller-manager:edge --certificate-identity https://github.com/siderolabs/talos-cloud-controller-manager/.github/workflows/build-edge.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com

# Releases
cosign verify ghcr.io/siderolabs/talos-cloud-controller-manager:v1.4.1 --certificate-identity https://github.com/siderolabs/talos-cloud-controller-manager/.github/workflows/release.yaml@refs/tags/v1.4.1 --certificate-oidc-issuer https://token.actions.githubusercontent.com
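
The two container commands above differ only in the identity that goes with the tag. The script below is an added example, not part of the project: it derives the expected identity from the tag and refuses tags it has no identity for. The function names `expected_identity` and `verify_image` are hypothetical, and it assumes every release tag is signed by `release.yaml` on `refs/tags/<tag>`, as shown for v1.4.1.

```shell
#!/bin/sh
# Added example: pick the signing identity for a container tag, then verify.
# It covers the container image only, not the Helm chart.

REPO="siderolabs/talos-cloud-controller-manager"
IMAGE="ghcr.io/${REPO}"
ISSUER="https://token.actions.githubusercontent.com"
WORKFLOWS="https://github.com/${REPO}/.github/workflows"

# Print the certificate identity expected for a tag. Fails for any tag
# that matches neither pattern used in this document.
expected_identity() {
    case "$1" in
        *[!0-9A-Za-z.-]*|"")
            # Reject characters that could alter the identity string.
            echo "invalid tag: $1" >&2
            return 1 ;;
        edge)
            echo "${WORKFLOWS}/build-edge.yaml@refs/heads/main" ;;
        v[0-9]*.[0-9]*.[0-9]*)
            # Assumption: releases are signed by release.yaml on the tag ref.
            echo "${WORKFLOWS}/release.yaml@refs/tags/$1" ;;
        *)
            echo "no known signing identity for tag: $1" >&2
            return 1 ;;
    esac
}

# Verify IMAGE:<tag> against the exact identity and issuer.
# Returns non-zero without calling cosign when the tag is not recognised.
verify_image() {
    identity=$(expected_identity "$1") || return 1
    cosign verify "${IMAGE}:$1" \
        --certificate-identity "$identity" \
        --certificate-oidc-issuer "$ISSUER" >/dev/null
}

# Run only when a tag is passed on the command line, e.g. ./verify.sh v1.4.1
if [ "$#" -gt 0 ]; then
    verify_image "$1" && echo "verified: ${IMAGE}:$1"
fi
```

Because the identity is matched exactly rather than by pattern, a tag signed from a different branch or workflow file fails verification.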