cosign
Sign a container image using Cosign
Installation
dagger install github.com/opopops/daggerverse/cosign@v1.6.3Entrypoint
Return Type
Cosign !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | "cgr.dev/chainguard/wolfi-base:latest" | wolfi-base image |
| version | String ! | "latest" | Cosign version |
| user | String ! | "65532" | Image user |
| dockerConfig | File | null | Docker config file |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user stringfunc (m *MyModule) Example(image string, version string, user string) *dagger.Cosign {
return dag.
Cosign(image, version, user)
}@function
def example(image: str, version: str, user: str, ) -> dagger.Cosign:
return (
dag.cosign(image, version, user)
)@func()
example(image: string, version: string, user: string, ): Cosign {
return dag
.cosign(image, version, user)
}Types
Cosign 🔗
Cosign CLI
attest() 🔗
Attest image with Cosign
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | - | Image digest URI |
| predicate | File ! | - | path to the predicate file |
| privateKey | Secret | null | Cosign private key |
| password | Secret | null | Cosign password |
| type | String ! | "" | Specify a predicate type |
| oidcProvider | String ! | "" | Specify the provider to get the OIDC token from |
| oidcIssuer | String ! | "" | OIDC provider to be used to issue ID toke |
| recursive | Boolean ! | false | If a multi-arch image is specified, additionally sign each discrete image |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string attest --image string --predicate file:path --type string --oidc-provider string --oidc-issuer string --recursive booleanfunc (m *MyModule) Example(ctx context.Context, image string, version string, user string, image1 string, predicate *dagger.File, type string, oidcProvider string, oidcIssuer string, recursive bool) string {
return dag.
Cosign(image, version, user).
Attest(ctx, image1, predicate, type, oidcProvider, oidcIssuer, recursive)
}@function
async def example(image: str, version: str, user: str, image1: str, predicate: dagger.File, type: str, oidc_provider: str, oidc_issuer: str, recursive: bool) -> str:
return await (
dag.cosign(image, version, user)
.attest(image1, predicate, type, oidc_provider, oidc_issuer, recursive)
)@func()
async example(image: string, version: string, user: string, image1: string, predicate: File, type: string, oidcProvider: string, oidcIssuer: string, recursive: boolean): Promise<string> {
return dag
.cosign(image, version, user)
.attest(image1, predicate, type, oidcProvider, oidcIssuer, recursive)
}container() 🔗
Returns container
Return Type
Container !Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string containerfunc (m *MyModule) Example(image string, version string, user string) *dagger.Container {
return dag.
Cosign(image, version, user).
Container()
}@function
def example(image: str, version: str, user: str, ) -> dagger.Container:
return (
dag.cosign(image, version, user)
.container()
)@func()
example(image: string, version: string, user: string, ): Container {
return dag
.cosign(image, version, user)
.container()
}sign() 🔗
Sign image with Cosign
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | - | Image digest URI |
| privateKey | Secret | null | Cosign private key |
| password | Secret | null | Cosign password |
| oidcProvider | String ! | "" | Specify the provider to get the OIDC token from |
| oidcIssuer | String ! | "" | OIDC provider to be used to issue ID toke |
| recursive | Boolean ! | false | If a multi-arch image is specified, additionally sign each discrete image |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string sign --image string --oidc-provider string --oidc-issuer string --recursive booleanfunc (m *MyModule) Example(ctx context.Context, image string, version string, user string, image1 string, oidcProvider string, oidcIssuer string, recursive bool) string {
return dag.
Cosign(image, version, user).
Sign(ctx, image1, oidcProvider, oidcIssuer, recursive)
}@function
async def example(image: str, version: str, user: str, image1: str, oidc_provider: str, oidc_issuer: str, recursive: bool) -> str:
return await (
dag.cosign(image, version, user)
.sign(image1, oidc_provider, oidc_issuer, recursive)
)@func()
async example(image: string, version: string, user: string, image1: string, oidcProvider: string, oidcIssuer: string, recursive: boolean): Promise<string> {
return dag
.cosign(image, version, user)
.sign(image1, oidcProvider, oidcIssuer, recursive)
}withAttest() 🔗
Attest image with Cosign (For chaining)
Return Type
Cosign !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | - | Image digest URI |
| predicate | File ! | - | path to the predicate file |
| privateKey | Secret | null | Cosign private key |
| password | Secret | null | Cosign password |
| type | String ! | "" | Specify a predicate type |
| oidcProvider | String ! | "" | Specify the provider to get the OIDC token from |
| oidcIssuer | String ! | "" | OIDC provider to be used to issue ID toke |
| recursive | Boolean ! | false | If a multi-arch image is specified, additionally sign each discrete image |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string with-attest --image string --predicate file:path --type string --oidc-provider string --oidc-issuer string --recursive booleanfunc (m *MyModule) Example(image string, version string, user string, image1 string, predicate *dagger.File, type string, oidcProvider string, oidcIssuer string, recursive bool) *dagger.Cosign {
return dag.
Cosign(image, version, user).
WithAttest(image1, predicate, type, oidcProvider, oidcIssuer, recursive)
}@function
def example(image: str, version: str, user: str, image1: str, predicate: dagger.File, type: str, oidc_provider: str, oidc_issuer: str, recursive: bool) -> dagger.Cosign:
return (
dag.cosign(image, version, user)
.with_attest(image1, predicate, type, oidc_provider, oidc_issuer, recursive)
)@func()
example(image: string, version: string, user: string, image1: string, predicate: File, type: string, oidcProvider: string, oidcIssuer: string, recursive: boolean): Cosign {
return dag
.cosign(image, version, user)
.withAttest(image1, predicate, type, oidcProvider, oidcIssuer, recursive)
}withRegistryAuth() 🔗
Authenticate with registry
Return Type
Cosign !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| username | String ! | - | Registry username |
| secret | Secret ! | - | Registry password |
| address | String ! | "docker.io" | Registry host |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string with-registry-auth --username string --secret env:MYSECRET --address stringfunc (m *MyModule) Example(image string, version string, user string, username string, secret *dagger.Secret, address string) *dagger.Cosign {
return dag.
Cosign(image, version, user).
WithRegistryAuth(username, secret, address)
}@function
def example(image: str, version: str, user: str, username: str, secret: dagger.Secret, address: str) -> dagger.Cosign:
return (
dag.cosign(image, version, user)
.with_registry_auth(username, secret, address)
)@func()
example(image: string, version: string, user: string, username: string, secret: Secret, address: string): Cosign {
return dag
.cosign(image, version, user)
.withRegistryAuth(username, secret, address)
}withSign() 🔗
Sign image with Cosign (For chaining)
Return Type
Cosign !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | - | Image digest URI |
| privateKey | Secret | null | Cosign private key |
| password | Secret | null | Cosign password |
| oidcProvider | String ! | "" | Specify the provider to get the OIDC token from |
| oidcIssuer | String ! | "" | OIDC provider to be used to issue ID toke |
| recursive | Boolean ! | false | If a multi-arch image is specified, additionally sign each discrete image |
Example
dagger -m github.com/opopops/daggerverse/cosign@7cf8f05423e0a8da381fb51298187022285c553c call \
--image string --version string --user string with-sign --image string --oidc-provider string --oidc-issuer string --recursive booleanfunc (m *MyModule) Example(image string, version string, user string, image1 string, oidcProvider string, oidcIssuer string, recursive bool) *dagger.Cosign {
return dag.
Cosign(image, version, user).
WithSign(image1, oidcProvider, oidcIssuer, recursive)
}@function
def example(image: str, version: str, user: str, image1: str, oidc_provider: str, oidc_issuer: str, recursive: bool) -> dagger.Cosign:
return (
dag.cosign(image, version, user)
.with_sign(image1, oidc_provider, oidc_issuer, recursive)
)@func()
example(image: string, version: string, user: string, image1: string, oidcProvider: string, oidcIssuer: string, recursive: boolean): Cosign {
return dag
.cosign(image, version, user)
.withSign(image1, oidcProvider, oidcIssuer, recursive)
}