ChrisJBurns
commented
1 year ago For those reading, we've had an increasing need for this functionality for our own internal project as we are using Cosign and having to do this in separate tasks is becoming increasingly tricky to do due to several awkward factors. I've got something to work and will be using this internally as a trial and if everything looks go with no issues, I will raise the PR for this repository and hopefully others can benefit from this.
Changes can be found here (subject to change if we need to tweak certain bits): https://github.com/concourse/registry-image-resource/compare/master...ChrisJBurns:registry-image-resource:adds-cosign-support?expand=1
theabrar
We are using Harbor to host our images and we're noticing that the newer versions of Harbor now won't be supporting Notary for their image signing methods and are aligning more with the Cosign toolstack.
Can we get support for signing of images with Cosign?