From e61d22674d84a177a3c6eafd3c714b2be8956c76 Mon Sep 17 00:00:00 2001
From: Furkan <furkan.turkal@trendyol.com>
Date: Wed, 20 Oct 2021 21:52:32 +0300
Subject: [PATCH] cosign: add page

---
 pages/common/cosign.md | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 pages/common/cosign.md

diff --git a/pages/common/cosign.md b/pages/common/cosign.md
new file mode 100644
index 0000000000..ddc44afbc5
--- /dev/null
+++ b/pages/common/cosign.md
@@ -0,0 +1,36 @@
+# cosign
+
+> Container Signing, Verification and Storage in an OCI registry.
+> More information: <https://github.com/sigstore/cosign>.
+
+- Generate a key-pair:
+
+`cosign generate-key-pair`
+
+- Sign a container and store the signature in the registry:
+
+`cosign sign -key {{cosign.key}} {{image}}`
+
+- Sign a container image with a key pair stored in a Kubernetes secret:
+
+`cosign sign -key k8s://{{namespace}}/{{key}} {{image}}`
+
+- Sign a blob with a local key pair file:
+
+`cosign sign-blob --key {{cosign.key}} {{file}}`
+
+- Verify a container against a public key:
+
+`cosign verify -key {{cosign.pub}} {{image}}`
+
+- Verify images with a public key in a Dockerfile:
+
+`cosign dockerfile verify -key {{cosign.pub}} {{path/to/Dockerfile}}`
+
+- Verify an image with a public key stored in a Kubernetes secret:
+
+`cosign verify -key k8s://{{namespace}}/{{key}} {{image}}`
+
+- Copy a container image and its signatures:
+
+`cosign copy {{example.com/src:latest}} {{example.com/dest:latest}}`