Cosign tutorial - signing OCI artifacts.
Posted August 23, 2022 by Thomas Kooi ‐ 1 min read
Workshop available for using Avisi Managed Environments & GitOps with FluxCD
Cosign allows us to sign our container images and verify the integrity when pulling images from our registry. We have published a tutorial a tutorial on how to use cosign to sign your OCI artifacts.
Cosign is a project part of sigstore, an effort to introduce a new standard for signing, verifying and protecting software.
You can find the tutorial on our GitHub.