cosign/cosign.spec

%define		debug %nil
%define		debug_package %nil

Name:		cosign
Version:	2.4.3
Release:	1
Summary:	Code signing and transparency for containers and binaries
URL:		https://github.com/sigstore/cosign
Source0:	%{url}/archive/v%{version}/%{name}-%{version}.tar.gz
License:	ASL 2.0
Group:		Development/Other
BuildRequires:	go
BuildRequires:	git-core
BuildRequires:	upx

%description
Signing OCI containers (and other artifacts) using Sigstore!

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- "Keyless signing" with the Sigstore public good Fulcio 
certificate authority and Rekor transparency log (default)
- Hardware and KMS signing
- Signing with a cosign generated encrypted private/public 
keypair
- Container Signing, Verification and Storage in an OCI 
registry.
- Bring-your-own PKI


%prep
%setup -q

%build
export GOPROXY=https://proxy.golang.org/cached-only
%make GIT_VERSION="v%{version}"

upx %{name}

%install
install -Dm0755 %{name} %{buildroot}%{_bindir}/%{name}

%files
%doc README.md LICENSE
%{_bindir}/%{name}