Add (podman {image,manifest} push --sign-by-sigstore=param-file.yaml)

(podman push) and (podman manifest push) now support --sign-by-sigstore=param-file, using the containers-sigstore-signing-params.yaml(5) file format. That notably adds support for Fulcio and Rekor signing. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2025-12-15 11:42:28 +08:00 · 2023-01-12 00:14:42 +01:00
parent 356f7b6c9d
commit 069edc3adf
287 changed files with 61247 additions and 19 deletions
--- a/test/e2e/testdata/sigstore-registries.d-fragment.yaml
+++ b/test/e2e/testdata/sigstore-registries.d-fragment.yaml
@@ -1,3 +1,5 @@
 docker:
  localhost:5000/sigstore-signed:
    use-sigstore-attachments: true
+  localhost:5000/sigstore-signed-params:
+    use-sigstore-attachments: true
--- a/test/e2e/testdata/sigstore-signing-params.yaml
+++ b/test/e2e/testdata/sigstore-signing-params.yaml
@@ -0,0 +1,2 @@
+privateKeyFile: "testdata/sigstore-key.key"
+privateKeyPassphraseFile: "testdata/sigstore-key.key.pass"