Skip to content

Commit

Permalink
k0s binary signing docs
Browse files Browse the repository at this point in the history 
Signed-off-by: Alexey Makhov <[email protected]>
  • Loading branch information
@makhov
makhov committed Oct 10, 2023
1 parent 4109036 commit 3b5bec6
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
12 changes: 12 additions & 0 deletions docs/verifying-signs.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Verifying Signed Binaries

K0smotron team provides signed binaries for k0s. The signatures are created using [cosign](https://docs.sigstore.dev/signing/quickstart/).

Check failure on line 3 in docs/verifying-signs.md

View workflow job for this annotation

GitHub Actions / Lint markdown 

Trailing spaces [Expected: 0 or 2; Actual: 1]
Public key and signature files are available for download from the [releases page](https://github.com/k0sproject/k0s/releases/latest).

Check failure on line 4 in docs/verifying-signs.md

View workflow job for this annotation

GitHub Actions / Lint markdown 

Trailing spaces [Expected: 0 or 2; Actual: 1]
Binaries can be verified using the `cosign` tool, for example:

```shell
cosign verify-blob \
--key https://github.com/k0sproject/k0s/releases/download/v1.28.2%2Bk0s.0/cosign.pub \
--signature https://github.com/k0sproject/k0s/releases/download/v1.28.2%2Bk0s.0/k0s-v1.28.2+k0s.0-amd64.sig \
--payload k0s-v1.28.2+k0s.0-amd64
```
1 change: 1 addition & 0 deletions mkdocs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ nav:
- Using custom CA certificate (advanced): custom-ca.md
- System Requirements: system-requirements.md
- External runtime dependencies: external-runtime-deps.md
- Verifying Signed Binaries: verifying-signs.md
- Maintenance:
- Upgrade: upgrade.md
- Backup/Restore: backup.md
Expand Down

0 comments on commit 3b5bec6

Please sign in to comment.