Cosign Verification
Last updated
Was this helpful?
Last updated
Was this helpful?
This guide demonstrates how to verify signed artifacts (i.e., container images, Helm charts) hosted on ocir.immuta.com using from .
The provided key is used to sign the Helm chart and container images.
A DIGESTS.md
markdown file comes bundled in the Helm chart and contains a comprehensive list of images and digests referenced. To view the file, follow these steps:
Download and extract the Helm chart into the working directory.
Open file immuta-enterprise/DIGESTS.md
Verify an artifact's signature by referencing Immuta's public key.