Description
We (w/@Dentrax) thought that it'd be nice if the pack CLI had support for signing container images right after building them, without requiring any additional steps, based on cosign, a tool developed by the sigstore community that lets you sign and verify container images with several types of key management, or any other signing tool.
Proposed solution
Maybe we can add an additional flag to the build command in the pack CLI to enable signing. It would look like this:
# Set default signer to the config
$ paketo config default-signer cosign
# It'll sign the container image right after it is built
$ pack build --signer cosign <img>
Describe alternatives you've considered
Additional context