cosign
Code signing and transparency for containers and binaries
**Question** `cosign generate-key-pair` was certainly easy enough to run. But it's not clear to me how to re-encrypt the private key with a different password. This is a pretty obvious...
**Summary** When using `cosign save` with dozens, or in my case, hundreds of images, the storage consumption can really add up with each image requiring their own directory. There's...
Currently, `cosign import-key-pair` only has support for [RSA and ECDSA keys in PEM format](https://docs.sigstore.dev/cosign/import-keypair/) and does not offer support for importing GPG keys. The motivations for supporting import of GPG...
**Description** _I've filed similar issues under Cosign and Rekor. I realise there's a lot of overlap in maintainers, but wanted to make sure that we discuss each project that we...
https://github.com/google-github-actions/setup-gcloud#workload-identity-federation-preferred Follow-up to https://github.com/sigstore/cosign/pull/1170
The Vault transit engine has a fundamental feature for rotating keys (https://www.vaultproject.io/docs/secrets/transit), therefore each digest returned from vault has a prefix identifying the version of the used key. For example...
**Description** Having `--allow-insecure-registry` should work for BOTH insecure and secure registries (as the name suggests "allow"). If `--allow-insecure-registry` flag is set, cosign will fail to resolve DNS for even secure...
**Description** The repositories for Sigstore have a readme.md file that describes some of what is going on with the associated modules in the docs folder. In addition, there are some...
**Question** Hi, I want to pull an image from a repo, and verify my locally pulled image in my local docker cache, NOT directly against the public repo. Is that...
Hello, I have generated a key-pair using `./cosign-darwin-amd64 generate-key-pair`. I used it to sign several container images. And now I want to import the key-pair into GCPKMS to store it...