Skip to content

openpubkey/verify-docker-cli-plugin

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

docker verify CLI plugin

asciicast example

A docker CLI plugin for verifying signed attestations on images.

This plugin uses the OpenPubkey signed-attestations library to verify OpenPubkey tokens inside signed in-toto attestations.

Installation

To build with Go and install as a docker CLI plugin:

$ go build -o ~/.docker/cli-plugins/docker-verify cmd/docker-verify/main.go

Usage

$ docker verify IMAGE --repo-owner-id OWNER_ID

OWNER_ID is the Github ID of the organization or user that owns the source repository. This must match the owner in the OIDC ID token from the GitHub Actions run.

Example

$ docker verify openpubkey/demo:main --repo-owner-id 145685596

About

A docker CLI plugin for verifying signed attestations on images

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages