which-cli/
browse
cosign/

Cosign

Sigstore / Linux Foundation

Container image signing, verification, and attestation tool for software supply chain security.

Security & IdentityJSON
docsrepo.json
01Install
brew install cosign
Download binary →
02Global Flags
FlagTypeDescription
--keystringPath to signing key
--output-signaturestringWrite signature to file
--output-certificatestringWrite certificate to file
03Authentication
Methods
environment-variablesconfig-file
Env vars
COSIGN_KEYCOSIGN_PASSWORDCOSIGN_REPOSITORY
Docsdocs.sigstore.dev/cosign/key_management/signing_with_self-managed_keys
04Capabilities
Vulnerability ScanningContainer Registry
Reference
binarycosign
checkcosign version
authenvironment-variables, config-file
formatstext
json flag--output-json