search

sigstore / cosign

Code signing and transparency for containers and binaries
Apache License 2.0
4.24k stars 507 forks source link

add oci bundle spec #3622

Closed bdehamer closed 3 months ago

bdehamer commented 3 months ago

Closes: #3577

Summary

Adds a new spec doc which describes the scheme for publishing/retrieving Sigstore bundles to/from an OCI registry.

Rendered version

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 40.41%. Comparing base (2ef6022) to head (8892db3). Report is 60 commits behind head on main.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #3622 +/- ## ========================================== + Coverage 40.10% 40.41% +0.31% ========================================== Files 155 155 Lines 10044 10087 +43 ========================================== + Hits 4028 4077 +49 + Misses 5530 5517 -13 - Partials 486 493 +7 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

haydentherapper commented 3 months ago

@bdehamer, great work on this, LGTM! I'll leave it open til mid next week in case there's any other comments.

haydentherapper commented 3 months ago

Merging now, thanks all for the discussion, and thanks @bdehamer for authoring the spec!