/
Docker Image Verification(3.0)
Docker Image Verification(3.0)
- Former user (Deleted)
- Former user (Deleted)
- Jenni Wallin
Owned by Former user (Deleted)
All images are signed with the [cosign] (https://github.com/sigstore/cosign) tool.
In order to verify the signature of the docker images, install the "cosign" command line tool.
To verify the image:
Save the following public key to
cosign.pubfile:-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEU95nqvgnrhrxLLU33rK6lt5qQZVU AUUEor1i8IGMQQnUOrnH0aRHv5i2AxX3vlgHIRtCUWyxtY52GSakFsNQMQ== -----END PUBLIC KEY-----
Execute the following command:
cosign verify --key cosign.pub ghcr.io/digitalroute-public/usage-engine-private-edition:<tag>
Example
cosign verify --key cosign.pub ghcr.io/digitalroute-public/usage-engine-private-edition:2.2.0
Output:
Verification for ghcr.io/digitalroute-public/usage-engine-private-edition:2.2.0 -- The following checks were performed on each of these signatures: - The cosign claims were validated - The signatures were verified against the specified public key [{"critical":{"identity":{"docker-reference":"ghcr.io/digitalroute-public/usage-engine-private-edition"},"image":{"docker-manifest-digest":"sha256:a91a8b812fb3c0cba61dd0247b9dbc6ffe2e8cefdba55ee5021df61ec23c29fd"},"type":"cosign container image signature"},"optional":null}]
, multiple selections available,
Related content
Installation (3.0)
Installation (3.0)
Read with this
Docker Image Verification(3.1)
Docker Image Verification(3.1)
More like this
Docker Image Verification(3.3)
Docker Image Verification(3.3)
More like this
Docker Image Verification(3.2)
Docker Image Verification(3.2)
More like this
Docker Image Verification(4.2)
Docker Image Verification(4.2)
More like this
Docker Image Verification(4.1)
Docker Image Verification(4.1)
More like this