A GitHub Action that installs and configures the Notation CLI for digitally signing Open Container Initiative (OCI) compliant artifacts.
Setup the notation
CLI:
steps:
- uses: Duffney/[email protected]
A specific version of the notation
CLI can be installed:
steps:
- uses: Duffney/[email protected]
with:
version: 1.0.0-rc.1
A plugin for Azure Key Vault can be added to the notation
CLI:
steps:
- name: Setup Notation with azure-kv plugin
uses: Duffney/[email protected]
with:
version: 1.0.0-rc.1
key_name: example
certificate_key_id: https://rg-kv.vault.azure.net/keys/certname/2c12753ba2b44646bd27d4d447020018
plugin_name: notation-azure-kv
plugin_version: 0.5.0-rc.1
The actions supports the following inputs:
version
: The version of thenotation
to install, defaulting to1.0.0-rc.1
key_name
: The name of the signing key that is added to Notation, defaulting toexample
certificate_key_id
: The key identifer for the signing certificate located within a key management service, such as Azure Key Vault, AWS Secrets Manager, and GCP Cloud Key Management.plugin_name
: The name of thenotation
plugin to installplugin_version
: The version of thenotation
plugin to install.