Skip to content

[security] Sign container images with cosign on release #11

Description

@kaynor

Goal

Add Sigstore/cosign signing to release-images workflow.

Acceptance criteria

  • Images signed on GitHub Release
  • INSTALL.md documents verification steps

Metadata

Metadata

Assignees

No one assigned

    Labels

    dockerDocker, Compose, GHCRphase-1Registry and exact cachesecuritySecurity or supply chain

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions