$ cosign verify registry.k8s.io/kube-apiserver-amd64:v1.25.2
https://github.com/jonjohnsonjr/apkrane
$ apkrane ls https://packages.wolfi.dev/os/x86_64/APKINDEX.tar.gz --latest --full
#!/bin/bash | |
COSIGN_FILE=$(mktemp -q XXXXXX.json) | |
printf '\n' | |
printf '===============================================================\n' | |
printf '=== Searching artifacthub.io for artifacts signed by cosign ===\n' | |
printf '===============================================================\n' | |
printf '\n' |
import ( | |
"encoding/json" | |
) | |
#Predicate: { | |
Data: string | |
Timestamp: string | |
} | |
#ExternalRefs: { |
import ( | |
"encoding/json" | |
"strings" | |
"list" | |
) | |
#SPDXLicenses: { | |
licenseListVersion: "3.19" | |
licenses: [{ | |
reference: "https://spdx.org/licenses/0BSD.html" | |
isDeprecatedLicenseId: false |
import ( | |
"encoding/json" | |
"strings" | |
"list" | |
"tool/http" | |
) | |
#Predicate: { | |
Data: string | |
Timestamp: string | |
... |
$ cosign verify registry.k8s.io/kube-apiserver-amd64:v1.25.2
https://github.com/jonjohnsonjr/apkrane
$ apkrane ls https://packages.wolfi.dev/os/x86_64/APKINDEX.tar.gz --latest --full
#!/bin/bash | |
# Check if the script is being run from within a Git repository | |
if ! git rev-parse --is-inside-work-tree > /dev/null 2>&1; then | |
echo "Please run this script from within the Git repository you want to analyze." | |
exit 1 | |
else | |
# symbolic reference to avoid ambiguous reference errors | |
git remote set-head origin -a > /dev/null 2>&1 | |
fi |
all
: Compile the entire program.install
: Compile and copy executables, libraries, etc., to their installation directories.install-html
, install-dvi
, install-pdf
, install-ps
: Alternative installations for documentation.uninstall
: Delete all installed files.#!/usr/bin/env python | |
# This library requires requests and icalendar | |
# pip install icalendar | |
from icalendar import Calendar, Event | |
from datetime import datetime, timedelta | |
from pytz import timezone, utc | |
# Prefix for event summaries |
FROM cgr.dev/chainguard/jdk:latest-dev AS chainguard-builder | |
USER 0 | |
# Add nginx and cosign packages to JRE distroless image | |
ARG PACKAGES="nginx cosign" | |
RUN mkdir -p /newroot/etc && \ | |
cp -a /etc/apk /newroot/etc && \ | |
apk update && \ | |
apk add --no-cache --initdb --root /newroot $PACKAGES && \ | |
find /newroot -mindepth 1 -maxdepth 1 -type d \( ! -name usr -a ! -name var \) -exec rm -rf {} + && \ |
FROM cgr.dev/chainguard-private/python:3.12-dev AS chainguard-builder | |
USER 0 | |
ARG PACKAGES="cosign" | |
RUN mkdir -p /newroot/etc && \ | |
cp -a /etc/apk /newroot/etc && \ | |
apk update && \ | |
apk add --no-cache --initdb --root /newroot $PACKAGES && \ | |
find /newroot -mindepth 1 -maxdepth 1 -type d \( ! -name usr -a ! -name var \) -exec rm -rf {} + && \ | |
rm -rf /newroot/usr/share* && \ |