The existing apko-snapshot action allows the signing of images with "keyless" signing, which is based on identities (see). Even though this is the recommended approach, there are cases where it may be interesting to let users be responsible for the key management.
If this makes sense for the project, I can open a pull request adding this feature.
Hey 👋🏻
Description
The existing
apko-snapshot
action allows the signing of images with "keyless" signing, which is based on identities (see). Even though this is the recommended approach, there are cases where it may be interesting to let users be responsible for the key management.If this makes sense for the project, I can open a pull request adding this feature.
Let me know your thoughts. Thanks!