1## cosign download attestation
2
3Download in-toto attestations from the supplied container image
4
5```
6cosign download attestation [flags]
7```
8
9### Examples
10
11```
12 cosign download attestation <image uri> [--predicate-type]
13```
14
15### Options
16
17```
18 --allow-http-registry whether to allow using HTTP protocol while connecting to registries. Don't use this for anything but testing
19 --allow-insecure-registry whether to allow insecure connections to registries (e.g., with expired or self-signed TLS certificates). Don't use this for anything but testing
20 --attachment-tag-prefix [AttachmentTagPrefix]sha256-[TargetImageDigest].[AttachmentName] optional custom prefix to use for attached image tags. Attachment images are tagged as: [AttachmentTagPrefix]sha256-[TargetImageDigest].[AttachmentName]
21 -h, --help help for attestation
22 --k8s-keychain whether to use the kubernetes keychain instead of the default keychain (supports workload identity).
23 --platform string download attestation for a specific platform image
24 --predicate-type string download attestation with matching predicateType
25 --registry-password string registry basic auth password
26 --registry-token string registry bearer auth token
27 --registry-username string registry basic auth username
28```
29
30### Options inherited from parent commands
31
32```
33 --output-file string log output to a file
34 -t, --timeout duration timeout for commands (default 3m0s)
35 -d, --verbose log debug output
36```
37
38### SEE ALSO
39
40* [cosign download](cosign_download.md) - Provides utilities for downloading artifacts and attached artifacts in a registry
41
View as plain text