Dagger
Search

cosign

Cosign container image signing in a Dagger module

Installation

dagger install github.com/scottames/daggerverse/cosign@v0.0.1

Entrypoint

Return Type
Cosign
Example
func (m *myModule) example() *Cosign  {
	return dag.
			Cosign()
}
@function
def example() -> dag.Cosign:
	return (
		dag.cosign()
	)
@func()
example(): Cosign {
	return dag
		.cosign()
}

Types

Cosign 🔗

Cosign represents the cosign Dagger module type

sign() 🔗

Sign will run cosign from the image, as defined by the cosignImage parameter, to sign the given Container image digests

Note: keyless signing not supported as-is

See https://edu.chainguard.dev/open-source/sigstore/cosign/an-introduction-to-cosign/

Return Type
[String ! ] !
Arguments
NameTypeDefault ValueDescription
privateKeySecret !-Cosign private key
passwordSecret !-Cosign password
registryUsernameString -registry username
registryPasswordSecret -name of the image
dockerConfigFile -Docker config
cosignImageString "chainguard/cosign:latest"Cosign container image
cosignUserString "nonroot"Cosign container image user
digests[String ! ] !-Container image digests to sign
Example
func (m *myModule) example(ctx context.Context, privateKey *Secret, password *Secret, digests []string) []string  {
	return dag.
			Cosign().
			Sign(ctx, privateKey, password, digests)
}
@function
async def example(private_key: dagger.Secret, password: dagger.Secret, digests: List[str]) -> List[str]:
	return await (
		dag.cosign()
		.sign(private_key, password, digests)
	)
@func()
async example(privateKey: Secret, password: Secret, digests: string[]): Promise<string[]> {
	return dag
		.cosign()
		.sign(privateKey, password, digests)
}