lilith/tldr
1
0
Fork 0
mirror of https://github.com/tldr-pages/tldr.git synced 2025-06-05 13:46:00 +02:00
Code Activity
tldr/pages/common/in-toto-run.md
Vitor Henrique d0a73c4b9c
pages*: fix brand and technical names (#12145) 
* pages*: fix Python, Java, pacman, apt, *zip*, xz, tar, git, RPM and grep names

* pages*: fix brand and technical names

Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com>

* fluxctl, gitmoji, in-toto-run, osv-scanner: replace `git` with Git

* bzegrep: enclose egrep with backticks

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* git-bug: use Git instead of `git`

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* git-bug: use Git instead of `git`

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* git-force-clone: use Git instead of `git`

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* gitwatch: use Git instead of `git`

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* hub-init: use Git instead of `git`

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

* pages.*: use Linux instead of GNU/Linux

---------

Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com>
Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>
2024-01-30 12:46:32 +08:00

787 B
Raw Blame History

in-toto-run

Generating link metadata while carrying out a supply chain step. More information: https://in-toto.readthedocs.io/en/latest/command-line-tools/in-toto-run.html.

  • Tag a Git repo and signing the resulting link file:

in-toto-run -n {{tag}} --products {{.}} -k {{key_file}} -- {{git tag v1.0}}

  • Create a tarball, storing files as materials and the tarball as product:

in-toto-run -n {{package}} -m {{project}} -p {{project.tar.gz}} -- {{tar czf project.tar.gz project}}

  • Generate signed attestations for review work:

in-toto-run -n {{review}} -k {{key_file}} -m {{document.pdf}} -x

  • Scan the image using Trivy and generate link file:

in-toto-run -n {{scan}} -k {{key_file}} -p {{report.json}} -- {{/bin/sh -c "trivy -o report.json -f json <IMAGE>"}}