table of contents
other versions
| SIGSTORE-GO(1) | User Commands | SIGSTORE-GO(1) |
NAME¶
sigstore-go - Sigstore tool
DESCRIPTION¶
Usage of /build/reproducible-path/sigstore-go-0.7.0/debian/tmp/usr/bin/sigstore-go:¶
-artifact string
- Path to artifact to verify
-artifact-digest string
- Hex-encoded digest of artifact to verify
-artifact-digest-algorithm string
- Digest algorithm (default "sha256")
-expectedIssuer string
- The expected OIDC issuer for the signing certificate
-expectedIssuerRegex string
- The expected OIDC issuer for the signing certificate
-expectedSAN string
- The expected identity in the signing certificate's SAN extension
-expectedSANRegex string
- The expected identity in the signing certificate's SAN extension
-minBundleVersion string
- Minimum acceptable bundle version (e.g. '0.1')
-publicKey string
- Path to trusted public key
-requireCTlog
- Require Certificate Transparency log entry (default true)
-requireTimestamp
- Require either an RFC3161 signed timestamp or log entry integrated timestamp (default true)
-requireTlog
- Require Artifact Transparency log entry (Rekor) (default true)
-trustedrootJSONpath string
- Path to trustedroot JSON file (default "examples/trusted-root-public-good.json")
-tufRootURL string
- URL of TUF root containing trusted root JSON file
-tufTrustedRoot string
- Path to the trusted TUF root.json to bootstrap trust in the remote TUF repository
| March 2025 | sigstore-go 0.7.0-2+b1 |