notation
notation copied to clipboard
notaryproject
A CLI tool to sign and verify artifacts
- [ ] Spec the CLI command - [ ] Implement the new list command, deciding the appropriate detailed output
* Along with signingKey(private key) we will need signing certificate and certificate chain as signing certificate and certchain will be embedded in signature envelope. * Also, how about using `default`...
To support filtering and targeting the specifically referenced artifact, we discussed adding an annotation to the manifest: https://github.com/SteveLasker/artifacts/blob/oci-artifact-manifest/artifact-manifest/net-monitor-image-signature.json ```json "annotations": { "org.cncf.notary.v2.signature.subject": "wabbit-networks.io" } ``` The nv2 client can filter...
Summary Implementing `notation inspect` command according to the spec #213 Intended Outcome `notation inspect` command works as defined in the spec Additional context
The [directory structure spec](https://github.com/notaryproject/notation/blob/main/specs/directory.md#system-level) calls out LibEx files to be placed in the root of `%ProgramFiles%`. Windows uses nested folders to isolate binaries and config specific to each executable. This...
As we hit RC1, we should queue up the normal installers, such as apt-get, winget, etc.
- [ ] Spec the CLI command - [ ] Implement the new cache command
Need to decide what we'll do for RC1, and what we'll do post RC1 to help users easily add and remove keys for signing. The assumption is this would transition...
The directory structure [spec](https://github.com/notaryproject/notation/pull/175) defines system and user level directory paths. When both paths are present, it may be required to give precedence to system or user level based on...
- [ ] Spec the CLI command - [ ] Implement the new pull command