Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document Staging instance usage with Keyless #1824

Merged
merged 1 commit into from
May 2, 2022
Merged

Document Staging instance usage with Keyless #1824

merged 1 commit into from
May 2, 2022

Conversation

k4leung4
Copy link
Contributor

@k4leung4 k4leung4 commented May 2, 2022

Signed-off-by: Kenny Leung [email protected]

Summary

This is to document how to use the staging Sigstore instance with keyless signing.

@haydentherapper @priyawadhwa PTAL

Ticket Link

Fixes

Release Note

@codecov-commenter
Copy link

codecov-commenter commented May 2, 2022
edited
Loading

Codecov Report

Merging #1824 (fca3d6c) into main (e74f180) will not change coverage.
The diff coverage is n/a.

❗ Current head fca3d6c differs from pull request most recent head d5b9ed9. Consider uploading reports for the commit d5b9ed9 to get more accurate results

@@           Coverage Diff           @@
##             main    #1824   +/-   ##
=======================================
  Coverage   33.02%   33.02%           
=======================================
  Files         147      147           
  Lines        9347     9347           
=======================================
  Hits         3087     3087           
  Misses       5906     5906           
  Partials      354      354

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e74f180...d5b9ed9. Read the comment docs.

@k4leung4 k4leung4 force-pushed the staging-keyless branch from fca3d6c to e50cd9f Compare May 2, 2022 13:21
cpanato
cpanato reviewed May 2, 2022
View reviewed changes
KEYLESS.md Outdated Show resolved Hide resolved
@k4leung4 k4leung4 force-pushed the staging-keyless branch from e50cd9f to d5b9ed9 Compare May 2, 2022 13:26
cpanato
cpanato reviewed May 2, 2022
View reviewed changes
KEYLESS.md Outdated Show resolved Hide resolved
cpanato
cpanato previously approved these changes May 2, 2022
View reviewed changes
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm! thanks for the documentation!

@cpanato cpanato requested a review from dlorenc May 2, 2022 13:32
@k4leung4 k4leung4 force-pushed the staging-keyless branch from d5b9ed9 to 7292908 Compare May 2, 2022 13:32
cpanato
cpanato previously approved these changes May 2, 2022
View reviewed changes
haydentherapper
haydentherapper reviewed May 2, 2022
View reviewed changes
KEYLESS.md
* https://rekor.sigstage.dev
* https://oauth2.sigstage.dev/auth

These instances are operated and maintained in the same manner as the public production environment for Sigstore.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There will be no SLO provided nor the same protection of the root key material for TUF. We should loudly note this, that this is staging and never should be used for production.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added note about slo and not for production use.

KEYLESS.md
* Steps 1-4 configures your local environment to use the staging keys and certificates.
* Step 5 specify the staging environment with flags needed for signing.
* Step 6 specify the staging environment with flags needed for verifying.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we also note how to get back to using production, rm the Sigstore directory and init?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good point.
added steps to revert to production

@k4leung4 k4leung4 force-pushed the staging-keyless branch from 7292908 to 9a3ca95 Compare May 2, 2022 15:48
@dlorenc dlorenc merged commit 88b68f4 into sigstore:main May 2, 2022
@github-actions github-actions bot added this to the v1.9.0 milestone May 2, 2022
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@k4leung4 @mlieberman85
Document Staging instance usage with Keyless (sigstore#1824)
0d1aa8f 
Signed-off-by: Kenny Leung <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haydentherapper haydentherapper haydentherapper approved these changes

@dlorenc dlorenc dlorenc approved these changes

@cpanato cpanato cpanato left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.9.0
Development

Successfully merging this pull request may close these issues.
5 participants
@k4leung4 @codecov-commenter @dlorenc @cpanato @haydentherapper