1## cosign attach attestation
2
3Attach attestation to the supplied container image
4
5```
6cosign attach attestation [flags]
7```
8
9### Examples
10
11```
12 cosign attach attestation --attestation <attestation file path> <image uri>
13
14 # attach attestations from multiple files to a container image
15 cosign attach attestation --attestation <attestation file path> --attestation <attestation file path> <image uri>
16
17 # attach attestation from bundle files in form of JSONLines to a container image
18 # https://github.com/in-toto/attestation/blob/main/spec/v1.0-draft/bundle.md
19 cosign attach attestation --attestation <attestation bundle file path> <image uri>
20
21```
22
23### Options
24
25```
26 --allow-http-registry whether to allow using HTTP protocol while connecting to registries. Don't use this for anything but testing
27 --allow-insecure-registry whether to allow insecure connections to registries (e.g., with expired or self-signed TLS certificates). Don't use this for anything but testing
28 --attachment-tag-prefix [AttachmentTagPrefix]sha256-[TargetImageDigest].[AttachmentName] optional custom prefix to use for attached image tags. Attachment images are tagged as: [AttachmentTagPrefix]sha256-[TargetImageDigest].[AttachmentName]
29 --attestation stringArray path to the attestation envelope
30 -h, --help help for attestation
31 --k8s-keychain whether to use the kubernetes keychain instead of the default keychain (supports workload identity).
32 --registry-password string registry basic auth password
33 --registry-token string registry bearer auth token
34 --registry-username string registry basic auth username
35```
36
37### Options inherited from parent commands
38
39```
40 --output-file string log output to a file
41 -t, --timeout duration timeout for commands (default 3m0s)
42 -d, --verbose log debug output
43```
44
45### SEE ALSO
46
47* [cosign attach](cosign_attach.md) - Provides utilities for attaching artifacts to other artifacts in a registry
48
View as plain text