Matteo Mortari

icon indicating a website link youtube.com/@MatteoMortari

icon company Red Hat @RedHatOfficial

Results 405 comments of Matteo Mortari

Unable to replicate keyless `cosign sign ...` using basic Env

> maybe you are aware but I'll mention that you don't need to code to replicate the cosign example thanks @jku I'm very new, so kindly let me ask a...

Unable to replicate keyless `cosign sign ...` using basic Env

I am using: seems to me downloading exactly the same per previous https://github.com/sigstore/sigstore-python/issues/1609#issuecomment-3523911518 resulting in: ps, not sure I got why `12.` in the `12.root.json` 🤔

Unable to replicate keyless `cosign sign ...` using basic Env

I've given a further attempt, but I'm still not able to instantiate the `ClientTrustConfig` I've inspected the TUF instance as suggested by [this comment](https://github.com/sigstore/sigstore-python/issues/1609#issuecomment-3528065359), and I found I can programmatically...

Unable to replicate keyless `cosign sign ...` using basic Env

> 1. TUF update issue `Failed to refresh TUF metadata` -- I provided the code to correctly handle this in [Unable to replicate keyless `cosign sign ...` using basic Env ...

Unable to replicate keyless `cosign sign ...` using basic Env

yeah, but the `trusted_root.json` looks to me correct, only ```json { "mediaType": "application/vnd.dev.sigstore.trustedroot+json;version=0.1", "tlogs": [ ... ], "certificateAuthorities": [ ,,, ], "ctlogs": [ { "baseUrl": "https://ctlog. ...", "hashAlgorithm": "SHA2_256", "publicKey":...