cosign icon indicating copy to clipboard operation
cosign copied to clipboard

Published 20 hours ago verified publisher icon sigstore

cosign upload blob with identity-token

Open godofredoc opened this issue 3 years ago • 3 comments

Question Is it possible to use upload blob with an identity token? Looking in the documentation I found this is supported in the sign command with the --identity-token flag but could not find a similar option for upload blob.

godofredoc avatar Feb 11 '22 02:02 godofredoc

I think the identity token flag is mostly for signing. What are you trying to upload to?

dlorenc avatar Feb 11 '22 02:02 dlorenc

I'm trying to upload to gcr.io using something like:

echo "my first artifact" > artifact
cosign upload blob -f artifact gcr.io/flutter-dashboard-dev/artifact

The link returned in the error message suggests to use a service account but I'm trying to upload and sign artifacts from a CI system that uses short lived tokens for authentication.

godofredoc avatar Feb 11 '22 02:02 godofredoc

This is the full list of steps:

gcloud auth login
gcloud auth configure-docker gcr.io
echo "my first artifact" > artifact
cosign upload blob -f artifact gcr.io/flutter-dashboard-dev/artifact

The missing step was:

gcloud auth configure-docker gcr.io

godofredoc avatar May 04 '22 18:05 godofredoc

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Aug 23 '22 02:08 github-actions[bot]

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] avatar Aug 29 '22 02:08 github-actions[bot]