mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-30 10:42:37 +02:00
a87fd4338b
Signatures are stored in the OCI Manifest v2 registry [0], and are expected to follow the Cosign Signature Specification [0] The following CLI utilities are provided with `dangerzone-image`: For checking new container images, upgrading them and downloading them: - `upgrade` allows to upgrade the current installed image to the last one available on the OCI registry, downloading and storing the signatures in the process. - `verify-local` allows the verify the currently installed image against downloaded signatures and public key. To prepare and install archives on air-gapped environments: - `prepare-archive` helps to prepare an archive to install on another machine - `load-archive` helps upgrade the local image to the archive given in argument. Signatures are stored locally using the format provided by `cosign download signature`, and the Rekor log index is used to ensure the requested-to-install container image is fresher than the one already present on the system. [0] https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md |
||
|---|---|---|
| .. | ||
| gui | ||
| isolation_provider | ||
| test_docs | ||
| test_docs_compressed | ||
| test_docs_external | ||
| test_docs_large@0068ffcb67 | ||
| __init__.py | ||
| conftest.py | ||
| test_cli.py | ||
| test_container_utils.py | ||
| test_document.py | ||
| test_large_set.py | ||
| test_ocr.py | ||
| test_settings.py | ||
| test_util.py | ||