-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: 📝 Update cosign
installation instructions and add verification steps
#1460
Conversation
Review changes with SemanticDiff. |
Reviewer's Guide by SourceryThis pull request updates the 'INSTALLATION.md' file to include detailed instructions for installing 'cosign' and verifying the SpectraFit container image. The changes provide step-by-step guidance on using 'cosign' with Homebrew and Go, saving the public key, and verifying the container image, including exporting the verification output to JSON. File-Level Changes
Tips
|
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @Anselmoo - I've reviewed your changes and they look great!
Here's what I looked at during the review
- 🟢 General issues: all looks good
- 🟢 Security: all looks good
- 🟢 Testing: all looks good
- 🟢 Complexity: all looks good
- 🟡 Documentation: 3 issues found
Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.
@@ -214,7 +214,49 @@ available plugins are: | |||
|
|||
!!! info "About cosign" | |||
|
|||
_coming soon_ | |||
The `cosign` is a tool for signing and verifying container images as part of the | |||
[sigstore][10] project.The `cosign` can be used to sign the `SpectraFit` container |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
issue (documentation): Add a space after the period.
There should be a space after the period in 'project.The'.
|
||
To verify the SpectraFit container image, SpectraFit's public key is required and | ||
can be found under: https://github.com/Anselmoo/spectrafit/blob/main/cosign.pub. | ||
You can save the public key to a file named cosign.pub: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggestion (documentation): Clarify the instruction for saving the public key.
Consider changing 'You can save the public key to a file named cosign.pub' to 'Save the public key to a file named cosign.pub
.'
You can save the public key to a file named cosign.pub: | |
Save the public key to a file named `cosign.pub`: |
You can save the public key to a file named cosign.pub: | ||
|
||
```bash | ||
cat cosign.pub |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
issue (documentation): Correct the command for saving the public key.
The command cat cosign.pub
is misleading. It should be echo "-----BEGIN PUBLIC KEY-----..." > cosign.pub
to actually save the key to the file.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1460 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 44 44
Lines 4467 4467
=========================================
Hits 4467 4467
Flags with carried forward coverage won't be shown. Click here to find out more. |
All PR-Submissions:
Pull Requests for the same
update/change?
New ✨✨ Feature-Submissions:
Changes to ⚙️ Core-Features:
us to include them?
Summary by Sourcery
This pull request updates the
INSTALLATION.md
documentation to include detailed instructions for installingcosign
and verifying theSpectraFit
container image. It provides installation commands for macOS, Linux, and Go, as well as steps to verify the container image using a public key.cosign
installation instructions inINSTALLATION.md
to include steps for installingcosign
via Homebrew and Go.SpectraFit
container image usingcosign
, including how to obtain and use the public key.