Skip to content
This repository was archived by the owner on Oct 30, 2023. It is now read-only.

duffney/setup-notation

BranchesTags

Repository files navigation

setup-notation

A GitHub Action that installs and configures the Notation CLI for digitally signing Open Container Initiative (OCI) compliant artifacts.

Usage

Setup the notation CLI:

steps:
- uses: Duffney/setup-notation@v1.0.0

A specific version of the notation CLI can be installed:

steps:
- uses: Duffney/setup-notation@v1.0.0
  with:
    version: 1.0.0-rc.1

A plugin for Azure Key Vault can be added to the notation CLI:

steps:
  - name: Setup Notation with azure-kv plugin
    uses: Duffney/setup-notation@v1.0.0
    with:
      version: 1.0.0-rc.1 
      key_name: example
      certificate_key_id: https://rg-kv.vault.azure.net/keys/certname/2c12753ba2b44646bd27d4d447020018
      plugin_name: notation-azure-kv
      plugin_version:  0.5.0-rc.1

Inputs

The actions supports the following inputs:

  • version: The version of the notation to install, defaulting to 1.0.0-rc.1
  • key_name: The name of the signing key that is added to Notation, defaulting to example
  • certificate_key_id: The key identifer for the signing certificate located within a key management service, such as Azure Key Vault, AWS Secrets Manager, and GCP Cloud Key Management.
  • plugin_name: The name of the notation plugin to install
  • plugin_version: The version of the notation plugin to install.

About

A GitHub Action for using the Notation CLI

Topics

supply-chain cloud-native container-registry image-signature

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

5 tags

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages