-
When using cleos plugin + cosign transaction plugin, the action payload will cause a conflict since it doesn't contain the cosigner signature.
@aaroncox any thoughts on this?
```bash
cleos -u h…
-
In #36 we introduced support for using the _cosign_ tool with the `cosign_attest` and `cosign_sign` rules. Both of those require a registered toolchain for _cosign_. The _cosign/repositories.bzl_ file…
-
**Question**
step 1 sign image with regular cosign
step2 sign image with COSIGN_EXPERIMENTAL=1 and --registry-referrers-mode oci-1-1
step3 get new signature manifest, will including all precedin…
-
Cosign supports a number of cryptographic signers that witness currently does not. Some examples include Azure Key Vault, PKCS#11, and some hardware tokens. Instead of trying to keep in sync with ever…
-
### Is your feature request related to a problem? Please describe.
As Ezra I want a configurable way to enforce verification of image signatures on Pod admission to the cluster so that I can have mor…
-
**What would you like to be added**:
**Why is this needed**:
In cosign, we (w/@dentrax @dlorenc) worked on generating a spec for vulnerabilities[^1] and ended up having something like the follow…
-
Hello,
We use kaniko and cosign to build/sign our images and I see that [Kaniko uses cosign](https://github.com/GoogleContainerTools/kaniko/pull/1611/files) too.
Also cosign is not "integrated" …
-
cosign has quickly become the container signing solution of choice. We should write out an RFC detailing out various integration points with cosign and buildpacks (image signing, sbom attachment, sbom…
-
-
### Thema / Theme
Frontend
### Omschrijving / Description
**Globaal**
* [ ] Het woord "mede-ondertekener" moet worden "mede-ondertekenaar"
* Bij het gebruik van een link in de mede-onde…