Comments (1)
Thank you for reporting this @jonahjon
Unfortunately, this issue did not reproduce both in my laptop and in a newly installed go 1.17.2 env inside a docker container. The log was like the below.
$ docker run --name go -t -i --rm golang:1.17.2 bash
root@1bd9865c03fa:/go# go install github.com/sigstore/k8s-manifest-sigstore/cmd/kubectl-sigstore@latest
go: downloading github.com/sigstore/k8s-manifest-sigstore v0.1.0
go: downloading github.com/ghodss/yaml v1.0.0
...
go: downloading github.com/Azure/go-autorest/autorest/azure/cli v0.4.2
go: downloading github.com/dimchansky/utfbom v1.1.1
root@1bd9865c03fa:/go# kubectl-sigstore version
{"Major":"0","Minor":"1","GitVersion":"v0.1.0","GitCommit":"unknown","GitTreeState":"unknown","BuildDate":"unknown","GoVersion":"go1.17.2","Compiler":"gc","Platform":"linux/amd64"}
As far as I know, that checksum issue can be caused by local module cache, so you can try cleaning them with the command below. (this could take a while)
$ go clean -modcache
from k8s-manifest-sigstore.
Related Issues (20)
- Mention Kyverno integration?
- `version` no longer printing version information
- Additional details on successful verification HOT 1
- Official support for signing and verifying via GitHub Actions HOT 2
- yaml signing failing : unsupported pem type: ENCRYPTED SIGSTORE PRIVATE KEY HOT 4
- bug: no certificate found on signature error for using public key to verify signature
- Request for updating dependencies to newer versions HOT 3
- Binaries for `arm64` HOT 2
- Extend verify-resource sub-command HOT 1
- Enable manifest build provenance HOT 1
- Add initial codes
- support pattern based multiple resource specification in verify-resource HOT 1
- Double gzip of message (which seems unnecessary?) HOT 1
- Keyless signing does not provide input prompt in device mode HOT 2
- refactor to refine sign/verify logics
- Security Policy violation Branch Protection HOT 3
- fix to check all existing resources with `verify-resource`
- Can this be updated to use cosing 1.13 ? HOT 8
- Generate SLSA Provenance on Release HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from k8s-manifest-sigstore.