Skip to content

support sbom/attestation OCI artifacts similar to .sig signatures #269

New issue
Jump to bottom
New issue
Jump to bottom
Open
#392
Open
support sbom/attestation OCI artifacts similar to .sig signatures#269
#392
Assignees
joaopapereira
Labels
carvel acceptedThis issue should be considered for future work and that the triage process has been completedenhancementThis issue is a feature requestpriority/important-soonMust be staffed and worked on currently or soon
@cppforlife

Description

@cppforlife
cppforlife
opened on Oct 6, 2021

Describe the problem/challenge you have

we currently have --cosign-singatures=bool flag that attaches .sig artifacts. cosign has .sbom and .att suffixes as well.
(https://github.com/sigstore/cosign/blob/0142711da2fadc78f546a99adf12e2f0be428600/pkg/oci/remote/options.go#L27-L29)

Vote on this request

This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.

👍 "I would like to see this addressed as soon as possible"
👎 "There are other more important things to focus on right now"

We are also happy to receive and review Pull Requests if you want to help working on this issue.

Metadata

Assignees

Labels

carvel acceptedThis issue should be considered for future work and that the triage process has been completedenhancementThis issue is a feature requestpriority/important-soonMust be staffed and worked on currently or soon

Type

No type

Projects

Carvel

  • Status

    In Progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions