mirrors/aws-signer-notation-plugin

chore(deps): Bump github.com/aws/aws-sdk-go-v2/service/signer from 1.27.2 to 1.32.0 in /examples (#371)

Bumps github.com/aws/aws-sdk-go-v2/service/signer from 1.27.2 to 1.32.0.

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don’t alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

AWS Signer Plugin for Notation

Notation is an open source tool developed by the Notary Project, which supports signing and verifying container images and other artifacts. The AWS Signer Notation plugin, allows users of Notation (notation CLI and notation-go) to sign and verify artifacts (such as container images) using AWS Signer. AWS Signer is a fully managed code-signing service to ensure the trust and integrity of your code. AWS Signer manages the code-signing certificates, secures private keys, and manages key rotation without requiring users to take any action.

The plugin is compliant with the Notary Project specification. It uses the AWS Signer SignPayload API for signing, and GetRevocationStatus API for signature verification.

Getting Started

To use AWS Signer Notation plugin:

Notation CLI - Please refer AWS Signer documentation for guidance on signing and verifying OCI artifacts.
notation-go library - You can use this plugin as library with notation-go, eliminating the need for invoking plugin executable. Please refer the provided examples on how to use plugin as library with notation-go.

Building from Source

Install go. For more information, refer go documentation.
The plugin uses go modules for dependency management. For more information, refer go modules.
Run make build to build the AWS Signer Notation plugin.
Upon completion of the build process, the plugin executable will be created at build/bin/notation-com.amazonaws.signer.notation.plugin.

Now you can use this plugin executable with notation CLI by using the following command:

notation plugin install --file ./build/bin/notation-com.amazonaws.signer.notation.plugin

Make Targets

The following targets are available. Each may be run with make <target>.

Make Target	Description
`help`	shows available make targets
`build`	builds the plugin executable for current environment (e.g. Linux, Darwin and Windows)
`test`	runs all the unit tests using `go test`
`generate-mocks`	generates the mocks required for unit tests
`clean`	removes build artifacts and auto generated mocks.

Security disclosures

To report a potential security issue, please do not create a new Issue in the repository. Instead, please report using the instructions here or email AWS security directly.

License

This project is licensed under the Apache-2.0 License.