Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Fix cosign instructions #2232

Merged
merged 1 commit into from Mar 17, 2024
Merged

docs: Fix cosign instructions #2232

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 4 additions & 4 deletions docs/content/en/docs/installation/verify.md
View file
Open in desktop
Expand Up @@ -20,13 +20,13 @@ Since version 0.8.4, all Tetragon container images are signed using cosign.
Let's verify a Tetragon image's signature using the `cosign verify` command:

```shell
COSIGN_EXPERIMENTAL=1 cosign verify --certificate-github-workflow-repository cilium/tetragon --certificate-oidc-issuer https://token.actions.githubusercontent.com <Image URL> | jq
cosign verify --certificate-github-workflow-repository cilium/tetragon --certificate-oidc-issuer https://token.actions.githubusercontent.com <Image URL> | jq
```

{{< note >}}
`COSIGN_EXPERIMENTAL=1` is used to allow verification of images signed in
KEYLESS mode. To learn more about keyless signing, please refer to [Keyless
Signatures](https://github.com/sigstore/cosign/blob/main/KEYLESS.md#keyless-signatures).
If you are using cosign < v2.0.0, you must set `COSIGN_EXPERIMENTAL=1`
environment variable to allow verification of images signed in KEYLESS mode.
To learn more about keyless signing, please refer to [Sigstore documentation](https://docs.sigstore.dev/signing/overview/).
{{< /note >}}

## Verify the SBOM signature
Expand Down