Cosign is a tool used to sign, verify and store container signatures in OCI registries.
The official image is a distroless image, while this image is using alpine linux as base image.
The user is set to cosign/cosign (uid/gid 1000).
Tags follow the releases of cosign, they are automatically built via GitLab CI, latest is the most recent version.
Be sure to check the tags for a full list of tags if you need a more specific version constraint.
The jitesoft/alpine images should be possible to find at the following registries:
docker.io/jitesoft/cosign(or justjitesoft/cosign)registry.gitlab.com/jitesoft/dockerfiles/cosignghcr.io/jitesoft/cosign
Dockerfile and scripts can be found at GitLab or GitHub.
This image follows the Jitesoft image label specification 1.0.0.
Cosign public key for this image can be found at https://jitesoft.com/cosign.pub.
Cosign is released under the Apache v2.0 license.
This repository is released under the MIT license.
Jitesoft images are built via GitLab CI on runners hosted by the following wonderful organisations:
The companies above are not affiliated with Jitesoft or any Jitesoft Projects directly.
Sponsoring is vital for the further development and maintaining of open source.
Questions and sponsoring queries can be made by email.
If you wish to sponsor our projects, reach out to the email above or visit any of the following sites:
