Cosign

Cosign CLI

Cosign is a command-line tool for signing, verifying, and storing container images and OCI artifacts. It supports keyless signing, hardware-backed keys, KMS providers, in-toto and SLSA attestations, and transparency log inclusion. The CLI is the primary user interface and does not expose its own HTTP API.

GitHub

Documentation

📖
Documentation
https://docs.sigstore.dev/cosign/
📖
GettingStarted
https://docs.sigstore.dev/quickstart/quickstart-cosign/

SDKs

📦
GitHubRepository
https://github.com/sigstore/cosign

Other Resources

🔗
Installation
https://docs.sigstore.dev/cosign/system_config/installation/
🔗
Reference
https://docs.sigstore.dev/cosign/reference/cosign/

API entry from apis.yml

apis.yml Raw ↑ 
aid: cosign:cosign-cli
name: Cosign CLI
description: Cosign is a command-line tool for signing, verifying, and storing container images and OCI
  artifacts. It supports keyless signing, hardware-backed keys, KMS providers, in-toto and SLSA attestations,
  and transparency log inclusion. The CLI is the primary user interface and does not expose its own HTTP
  API.
humanURL: https://docs.sigstore.dev/cosign/
properties:
- type: Documentation
  url: https://docs.sigstore.dev/cosign/
- type: GettingStarted
  url: https://docs.sigstore.dev/quickstart/quickstart-cosign/
- type: Installation
  url: https://docs.sigstore.dev/cosign/system_config/installation/
- type: GitHubRepository
  url: https://github.com/sigstore/cosign
- type: Reference
  url: https://docs.sigstore.dev/cosign/reference/cosign/
tags:
- CLI
- Containers
- Keyless
- OCI
- Signing