mirror of
https://github.com/lukaszraczylo/kportal.git
synced 2026-06-29 05:32:38 +00:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 lukaszraczylo
|
9fd8f9b03b |
+1
-1
@@ -80,7 +80,7 @@ signs:
|
|||||||
args:
|
args:
|
||||||
- sign-blob
|
- sign-blob
|
||||||
- "--key"
|
- "--key"
|
||||||
- "env://COSIGN_KEY"
|
- "/tmp/cosign.key"
|
||||||
- "--output-signature"
|
- "--output-signature"
|
||||||
- "${signature}"
|
- "${signature}"
|
||||||
- "--output-certificate"
|
- "--output-certificate"
|
||||||
|
|||||||
@@ -83,6 +83,19 @@ cd kportal
|
|||||||
make build && make install
|
make build && make install
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Verifying Release Signatures
|
||||||
|
|
||||||
|
All release checksums are signed with [cosign](https://github.com/sigstore/cosign). To verify:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Download the checksum file and its signature
|
||||||
|
# Then verify with:
|
||||||
|
cosign verify-blob \
|
||||||
|
--key https://raw.githubusercontent.com/lukaszraczylo/lukaszraczylo/main/cosign.pub \
|
||||||
|
--signature kportal-<version>-checksums.txt.sig \
|
||||||
|
kportal-<version>-checksums.txt
|
||||||
|
```
|
||||||
|
|
||||||
## 🚀 Quick Start
|
## 🚀 Quick Start
|
||||||
|
|
||||||
Create `.kportal.yaml`:
|
Create `.kportal.yaml`:
|
||||||
|
|||||||
Reference in New Issue
Block a user