Support for Cosign verification with keys managed in KMS #1190

yizha1 · 2023-11-29T04:20:14Z

What would you like to be added?

Currently users can only configure Cosign verification with a public key from a file path. In enterprise context, normally users create and manage key in a Key Management System (KMS). Cosign supports different KMS provider, for example AKV as a provider, and verification with a KMS.

This issue asks for support Cosign verification with keys that are managed in KMS, like AKV. Users can easily configure KMS name/address, authentication and keys used for verification without the need to download the key to a file first and then configure a file path.

Anything else you would like to add?

No response

Are you willing to submit PRs to contribute to this feature?

Yes, I am willing to implement it.

yizha1 added enhancement New feature or request triage Needs investigation labels Nov 29, 2023

susanshi added this to the v1.2.0 milestone Dec 5, 2023

susanshi removed the triage Needs investigation label Dec 5, 2023

akashsinghal mentioned this issue Jan 4, 2024

docs: cosign upgrade design document #1246

Merged

12 tasks

akashsinghal mentioned this issue Feb 2, 2024

[EPIC] Improve Cosign Verifier #1166

Closed

11 tasks

akashsinghal mentioned this issue Apr 10, 2024

feat: add cosign trust policies #1381

Merged

12 tasks

akashsinghal closed this as completed in #1381 Apr 24, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support for Cosign verification with keys managed in KMS #1190

Support for Cosign verification with keys managed in KMS #1190

yizha1 commented Nov 29, 2023

Support for Cosign verification with keys managed in KMS #1190

Support for Cosign verification with keys managed in KMS #1190

Comments

yizha1 commented Nov 29, 2023

What would you like to be added?

Anything else you would like to add?

Are you willing to submit PRs to contribute to this feature?