github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-17 21:17:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: update cosign from v2 to v3 (#3561)

Browse Source 
* chore: update cosign from v2 to v3

Also do not import cosing into zli, as it doubles the bianry size
See: https://github.com/project-zot/zot/actions/runs/19506399474/job/55833719683?pr=3561

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>

* chore: privileged-test should not depend on downloaded images

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>

---------

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>
This commit is contained in:
Andrei Aaron
2025-11-20 00:43:57 +02:00
committed by GitHub
parent 8e63df6678
commit 2b60e11ce4
13 changed files with 345 additions and 283 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/cli/client/client.go
+1 -2
View File
@@ -17,7 +17,6 @@ import (
"time"
ispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/sigstore/cosign/v2/pkg/oci/remote"
zerr "zotregistry.dev/zot/v2/errors"
"zotregistry.dev/zot/v2/pkg/common"
@@ -520,7 +519,7 @@ func isCosignSigned(ctx context.Context, repo, digestStr string, searchConf Sear
username, password string,
) bool {
var result interface{}
cosignTag := strings.Replace(digestStr, ":", "-", 1) + "." + remote.SignatureTagSuffix
cosignTag := strings.Replace(digestStr, ":", "-", 1) + "." + common.CosignSignatureTagSuffix
URL := fmt.Sprintf("%s/v2/%s/manifests/%s", searchConf.ServURL, repo, cosignTag)