mirror of
https://abf.rosa.ru/djam/cosign.git
synced 2025-02-23 16:42:49 +00:00
Imported from SRPM
This commit is contained in:
commit
7f5462345a
2 changed files with 50 additions and 0 deletions
2
.abf.yml
Normal file
2
.abf.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
sources:
|
||||||
|
cosign-2.2.4.tar.gz: f458ec8e5e44f9dbf9a6f44e58b816b50c69ff65
|
||||||
48
cosign.spec
Normal file
48
cosign.spec
Normal file
|
|
@ -0,0 +1,48 @@
|
||||||
|
%define debug %nil
|
||||||
|
%define debug_package %nil
|
||||||
|
|
||||||
|
Name: cosign
|
||||||
|
Version: 2.2.4
|
||||||
|
Release: 1
|
||||||
|
Summary: Code signing and transparency for containers and binaries
|
||||||
|
URL: https://github.com/sigstore/cosign
|
||||||
|
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||||
|
License: ASL 2.0
|
||||||
|
Group: Development/Other
|
||||||
|
BuildRequires: go
|
||||||
|
BuildRequires: git-core
|
||||||
|
BuildRequires: upx
|
||||||
|
|
||||||
|
%description
|
||||||
|
Signing OCI containers (and other artifacts) using Sigstore!
|
||||||
|
|
||||||
|
Cosign aims to make signatures invisible infrastructure.
|
||||||
|
|
||||||
|
Cosign supports:
|
||||||
|
|
||||||
|
- "Keyless signing" with the Sigstore public good Fulcio
|
||||||
|
certificate authority and Rekor transparency log (default)
|
||||||
|
- Hardware and KMS signing
|
||||||
|
- Signing with a cosign generated encrypted private/public
|
||||||
|
keypair
|
||||||
|
- Container Signing, Verification and Storage in an OCI
|
||||||
|
registry.
|
||||||
|
- Bring-your-own PKI
|
||||||
|
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q
|
||||||
|
|
||||||
|
%build
|
||||||
|
export GOPROXY=direct
|
||||||
|
%make GIT_VERSION="v%{version}"
|
||||||
|
|
||||||
|
upx %{name}
|
||||||
|
|
||||||
|
%install
|
||||||
|
install -Dm0755 %{name} %{buildroot}%{_bindir}/%{name}
|
||||||
|
|
||||||
|
%files
|
||||||
|
%doc README.md LICENSE
|
||||||
|
%{_bindir}/%{name}
|
||||||
|
|
||||||
Loading…
Add table
Reference in a new issue