table of contents
| OCI-IMAGE-VERIFICATION(1) | User Commands | OCI-IMAGE-VERIFICATION(1) |
NAME¶
oci-image-verification - Sigstore OCI image verification
DESCRIPTION¶
Usage of /build/reproducible-path/sigstore-go-0.6.2/debian/tmp/usr/bin/oci-image-verification:¶
-artifact string
- Path to artifact to verify
-artifact-digest string
- Hex-encoded digest of artifact to verify
-artifact-digest-algorithm string
- Digest algorithm (default "sha256")
-expectedIssuer string
- The expected OIDC issuer for the signing certificate
-expectedIssuerRegex string
- The expected OIDC issuer for the signing certificate
-expectedSAN string
- The expected identity in the signing certificate's SAN extension
-expectedSANRegex string
- The expected identity in the signing certificate's SAN extension
-minBundleVersion string
- Minimum acceptable bundle version (e.g. '0.1')
-ociImage string
- OCI image to verify
-onlineTlog
- Verify Artifact Transparency log entry online (Rekor)
-publicKey string
- Path to trusted public key
-requireTimestamp
- Require either an RFC3161 signed timestamp or log entry integrated timestamp (default true)
-requireTlog
- Require Artifact Transparency log entry (Rekor) (default true)
-trustedrootJSONpath string
- Path to trustedroot JSON file (default "examples/trusted-root-public-good.json")
-tufDirectory string
- Directory to store TUF metadata (default "tufdata")
-tufRootURL string
- URL of TUF root containing trusted root JSON file
| January 2025 | oci-image-verification 0.6.2-2 |