mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specification)
41b05c60dd
In order to verify signatures, users could upload their certificates and public keys using these routes: -> for public keys: /v2/_zot/ext/mgmt?resource=signatures&tool=cosign -> for certificates: /v2/_zot/ext/mgmt?resource=signatures&tool=notation&truststoreType=ca&truststoreName=name Then the public keys will be stored under $rootdir/_cosign and the certificates will be stored under $rootdir/_notation/truststore/x509/$truststoreType/$truststoreName. Also, for notation case, the "truststores" field of $rootir/_notation/trustpolicy.json file will be updated with a new entry "$truststoreType:$truststoreName". Also based on the uploaded files, the information about the signatures validity will be updated periodically. Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com> |
||
|---|---|---|
| .github | ||
| .zap | ||
| build | ||
| cmd | ||
| demos | ||
| docs | ||
| errors | ||
| examples | ||
| pkg | ||
| swagger | ||
| test | ||
| .gitignore | ||
| CODE_OF_CONDUCT.md | ||
| codecov.yml | ||
| CODEOWNERS | ||
| COMPARISON.md | ||
| CONTRIBUTING.md | ||
| go.mod | ||
| go.sum | ||
| golangcilint.yaml | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| Makefile | ||
| NOTICE | ||
| README.md | ||
| README_fuzz.md | ||
| SECURITY.md | ||
| THIRD-PARTY-LICENSES.md | ||
| tools.go | ||
| zot.go | ||
zot 
zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!
Docs
Documentation for zot is located at: https://zotregistry.io
Code of Conduct
Details are in the code of conduct