Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-09-19 12:34:44 -04:00
Code Issues Projects Releases Packages Wiki Activity

release: use cosign sign-blob in non-interative mode (#2953)

Browse source
This commit is contained in:
Malte Poll 2024-02-29 09:40:13 +01:00 committed by GitHub
parent 0b6eeb3747
commit 93eb8f0694
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
rfc/003-secure-software-distribution.md
View file

@ -69,7 +69,7 @@ This keypair could also be backed-up onto USB stick / SD card.
# COSIGN_PRIVATE_KEY=
# COSIGN_PUBLIC_KEY=
go build constellation
COSIGN_EXPERIMENTAL=1 cosign sign-blob --key env://COSIGN_PRIVATE_KEY constellation > constellation.sig
COSIGN_EXPERIMENTAL=1 cosign sign-blob --yes --key env://COSIGN_PRIVATE_KEY constellation > constellation.sig
# We provide: cosign.pub, constellation.sig, constellation
echo "$COSIGN_PUBLIC_KEY" > cosign.pub
cosign verify-blob --key cosign.pub --signature constellation.sig constellation
@ -130,7 +130,7 @@ measurements:
# Set these beforehand!
# COSIGN_PASSWORD=
# COSIGN_PRIVATE_KEY=
COSIGN_EXPERIMENTAL=1 cosign sign-blob --key cosign.key measurements.yaml > measurements.yaml.sig
COSIGN_EXPERIMENTAL=1 cosign sign-blob --yes --key cosign.key measurements.yaml > measurements.yaml.sig
```
```mermaid