Skip to content

Latest commit

 

History

History
 
 

.cosign

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
cosign.pub
cosign.pub
 
 

README.md

Podinfo signed releases

Podinfo deployment manifests are published to GitHub Container Registry as OCI artifacts and are signed using cosign.

Verify the artifacts with cosign

Install the cosign CLI:

brew install sigstore/tap/cosign

Verify a podinfo release with cosign CLI:

cosign verify -key https://raw.githubusercontent.com/stefanprodan/podinfo/master/cosign/cosign.pub \
ghcr.io/stefanprodan/podinfo-deploy:latest

Download the artifacts with crane

Install the crane CLI:

brew install crane

Download the podinfo deployment manifests with crane CLI:

$ crane export ghcr.io/stefanprodan/podinfo-deploy:latest -| tar -xf - 

$ ls -1
deployment.yaml
hpa.yaml
kustomization.yaml
service.yaml