Dagger
Search

cosign

Sign a container image using Cosign

Installation

dagger install github.com/opopops/daggerverse/cosign@v1.8.0

Entrypoint

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
imageString "cgr.dev/chainguard/wolfi-base:latest"wolfi-base image
versionString "latest"Cosign version
userString "65532"Image user
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
func (m *MyModule) Example() *dagger.Cosign  {
	return dag.
			Cosign()
}
@function
def example() -> dagger.Cosign:
	return (
		dag.cosign()
	)
@func()
example(): Cosign {
	return dag
		.cosign()
}

Types

Cosign 🔗

Cosign Module

attest() 🔗

Attest image with Cosign

Return Type
String !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
predicateFile !-path to the predicate file
typeString !-Specify a predicate type
privateKeySecret nullCosign private key
passwordSecret -Cosign password
identityTokenSecret nullCosign identity token
oidcProviderString ""Specify the provider to get the OIDC token from
oidcIssuerString ""OIDC provider to be used to issue ID toke
recursiveBoolean falseIf a multi-arch image is specified, additionally sign each discrete image
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 attest --image string --predicate file:path --type string
func (m *MyModule) Example(ctx context.Context, image string, predicate *dagger.File, type string) string  {
	return dag.
			Cosign().
			Attest(ctx, image, predicate, type)
}
@function
async def example(image: str, predicate: dagger.File, type: str) -> str:
	return await (
		dag.cosign()
		.attest(image, predicate, type)
	)
@func()
async example(image: string, predicate: File, type: string): Promise<string> {
	return dag
		.cosign()
		.attest(image, predicate, type)
}

clean() 🔗

Remove all signatures from an image

Return Type
String !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
typeString "all"Type of clean
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 clean --image string
func (m *MyModule) Example(ctx context.Context, image string) string  {
	return dag.
			Cosign().
			Clean(ctx, image)
}
@function
async def example(image: str) -> str:
	return await (
		dag.cosign()
		.clean(image)
	)
@func()
async example(image: string): Promise<string> {
	return dag
		.cosign()
		.clean(image)
}

container() 🔗

Returns container

Return Type
Container !
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 container
func (m *MyModule) Example() *dagger.Container  {
	return dag.
			Cosign().
			Container()
}
@function
def example() -> dagger.Container:
	return (
		dag.cosign()
		.container()
	)
@func()
example(): Container {
	return dag
		.cosign()
		.container()
}

copy() 🔗

Copy the supplied container image and signatures

Return Type
String !
Arguments
NameTypeDefault ValueDescription
sourceString !-Source image
destinationString !-Destination image
platformScalar nullOnly copy container image and its signatures for a specific platform image
only[String ! ] []Custom string array to only copy specific items. ex: --only=sig,att,sbom
forceBoolean falseOverwrite destination image(s), if necessary
allowHttpRegistryBoolean falseWhether to allow using HTTP protocol while connecting to registries
allowInsecureRegistryBoolean falsewhether to allow insecure connections to registries
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 copy --source string --destination string
func (m *MyModule) Example(ctx context.Context, source string, destination string) string  {
	return dag.
			Cosign().
			Copy(ctx, source, destination)
}
@function
async def example(source: str, destination: str) -> str:
	return await (
		dag.cosign()
		.copy(source, destination)
	)
@func()
async example(source: string, destination: string): Promise<string> {
	return dag
		.cosign()
		.copy(source, destination)
}

dockerConfig() 🔗

Returns the Docker config file

Return Type
File !
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 docker-config
func (m *MyModule) Example() *dagger.File  {
	return dag.
			Cosign().
			DockerConfig()
}
@function
def example() -> dagger.File:
	return (
		dag.cosign()
		.docker_config()
	)
@func()
example(): File {
	return dag
		.cosign()
		.dockerConfig()
}

generateKeyPair() 🔗

Generate key pair

Return Type
Directory !
Arguments
NameTypeDefault ValueDescription
passwordSecret -Key password
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 generate-key-pair
func (m *MyModule) Example() *dagger.Directory  {
	return dag.
			Cosign().
			GenerateKeyPair()
}
@function
def example() -> dagger.Directory:
	return (
		dag.cosign()
		.generate_key_pair()
	)
@func()
example(): Directory {
	return dag
		.cosign()
		.generateKeyPair()
}

sign() 🔗

Sign image with Cosign

Return Type
String !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
annotations[String ! ] []Extra key=value pairs to sign
privateKeySecret nullCosign private key
passwordSecret -Cosign password
identityTokenSecret nullCosign identity token
oidcProviderString ""Specify the provider to get the OIDC token from
oidcIssuerString ""OIDC provider to be used to issue ID toke
recursiveBoolean falseIf a multi-arch image is specified, additionally sign each discrete image
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 sign --image string
func (m *MyModule) Example(ctx context.Context, image string) string  {
	return dag.
			Cosign().
			Sign(ctx, image)
}
@function
async def example(image: str) -> str:
	return await (
		dag.cosign()
		.sign(image)
	)
@func()
async example(image: string): Promise<string> {
	return dag
		.cosign()
		.sign(image)
}

withAttest() 🔗

Attest image with Cosign (For chaining)

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
predicateFile !-path to the predicate file
typeString !-Specify a predicate type
privateKeySecret nullCosign private key
passwordSecret nullCosign password
identityTokenSecret nullCosign identity token
oidcProviderString ""Specify the provider to get the OIDC token from
oidcIssuerString ""OIDC provider to be used to issue ID toke
recursiveBoolean falseIf a multi-arch image is specified, additionally sign each discrete image
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-attest --image string --predicate file:path --type string
func (m *MyModule) Example(image string, predicate *dagger.File, type string) *dagger.Cosign  {
	return dag.
			Cosign().
			WithAttest(image, predicate, type)
}
@function
def example(image: str, predicate: dagger.File, type: str) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_attest(image, predicate, type)
	)
@func()
example(image: string, predicate: File, type: string): Cosign {
	return dag
		.cosign()
		.withAttest(image, predicate, type)
}

withClean() 🔗

Remove all signatures from an image (for chaining)

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
typeString "all"Type of clean
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-clean --image string
func (m *MyModule) Example(image string) *dagger.Cosign  {
	return dag.
			Cosign().
			WithClean(image)
}
@function
def example(image: str) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_clean(image)
	)
@func()
example(image: string): Cosign {
	return dag
		.cosign()
		.withClean(image)
}

withCopy() 🔗

Copy the supplied container image and signatures (for chaining)

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
sourceString !-Source image
destinationString !-Destination image
platformScalar nullOnly copy container image and its signatures for a specific platform image
only[String ! ] []Custom string array to only copy specific items. ex: --only=sig,att,sbom
forceBoolean falseOverwrite destination image(s), if necessary
allowHttpRegistryBoolean falseWhether to allow using HTTP protocol while connecting to registries
allowInsecureRegistryBoolean falsewhether to allow insecure connections to registries
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-copy --source string --destination string
func (m *MyModule) Example(source string, destination string) *dagger.Cosign  {
	return dag.
			Cosign().
			WithCopy(source, destination)
}
@function
def example(source: str, destination: str) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_copy(source, destination)
	)
@func()
example(source: string, destination: string): Cosign {
	return dag
		.cosign()
		.withCopy(source, destination)
}

withDockerConfig() 🔗

Set Docker config file (for chaining)

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
dockerConfigFile !-Docker config file
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-docker-config --docker-config file:path
func (m *MyModule) Example(dockerConfig *dagger.File) *dagger.Cosign  {
	return dag.
			Cosign().
			WithDockerConfig(dockerConfig)
}
@function
def example(docker_config: dagger.File) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_docker_config(docker_config)
	)
@func()
example(dockerConfig: File): Cosign {
	return dag
		.cosign()
		.withDockerConfig(dockerConfig)
}

withEnvVariable() 🔗

Set a new environment variable in the Apko container

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
nameString !-Name of the environment variable
valueString !-Value of the environment variable
expandBoolean falseReplace “${VAR}” or “$VAR” in the value according to the current environment variables defined in the container
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-env-variable --name string --value string
func (m *MyModule) Example(name string, value string) *dagger.Cosign  {
	return dag.
			Cosign().
			WithEnvVariable(name, value)
}
@function
def example(name: str, value: str) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_env_variable(name, value)
	)
@func()
example(name: string, value: string): Cosign {
	return dag
		.cosign()
		.withEnvVariable(name, value)
}

withRegistryAuth() 🔗

Authenticate with registry

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
usernameString !-Registry username
secretSecret !-Registry password
addressString "docker.io"Registry host
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-registry-auth --username string --secret env:MYSECRET
func (m *MyModule) Example(username string, secret *dagger.Secret) *dagger.Cosign  {
	return dag.
			Cosign().
			WithRegistryAuth(username, secret)
}
@function
def example(username: str, secret: dagger.Secret) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_registry_auth(username, secret)
	)
@func()
example(username: string, secret: Secret): Cosign {
	return dag
		.cosign()
		.withRegistryAuth(username, secret)
}

withSecretVariable() 🔗

Set a new environment variable, using a secret value

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
nameString !-Name of the secret variable
secretSecret !-Identifier of the secret value
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-secret-variable --name string --secret env:MYSECRET
func (m *MyModule) Example(name string, secret *dagger.Secret) *dagger.Cosign  {
	return dag.
			Cosign().
			WithSecretVariable(name, secret)
}
@function
def example(name: str, secret: dagger.Secret) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_secret_variable(name, secret)
	)
@func()
example(name: string, secret: Secret): Cosign {
	return dag
		.cosign()
		.withSecretVariable(name, secret)
}

withSign() 🔗

Sign image with Cosign (For chaining)

Return Type
Cosign !
Arguments
NameTypeDefault ValueDescription
imageString !-Image digest URI
annotations[String ! ] []Extra key=value pairs to sign
privateKeySecret nullCosign private key
passwordSecret nullCosign password
identityTokenSecret nullCosign identity token
oidcProviderString ""Specify the provider to get the OIDC token from
oidcIssuerString ""OIDC provider to be used to issue ID toke
recursiveBoolean falseIf a multi-arch image is specified, additionally sign each discrete image
Example
dagger -m github.com/opopops/daggerverse/cosign@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
 with-sign --image string
func (m *MyModule) Example(image string) *dagger.Cosign  {
	return dag.
			Cosign().
			WithSign(image)
}
@function
def example(image: str) -> dagger.Cosign:
	return (
		dag.cosign()
		.with_sign(image)
	)
@func()
example(image: string): Cosign {
	return dag
		.cosign()
		.withSign(image)
}