feat: sign.kontain.me

[developer-guy]

Signed-off-by: Batuhan Apaydın batuhan.apaydin@trendyol.com

Fixes #62

cc: @Dentrax @imjasonh @dlorenc

I couldn't find a way to debug and test this but if you can enlighten us about it, we would love to do that. 🙋🏻‍♂️🤝🚀

[imjasonh]

Thanks for hacking on this!

[imjasonh]

Why is this dependency added?

[developer-guy]

without this, client-go throws an error like the following:

Error Log

../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:22:2: missing go.sum entry for module providing package k8s.io/api/admissionregistration/v1 (imported by k8s.io/client-go/kubernetes/typed/admissionregistration/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/admissionregistration/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:23:2: missing go.sum entry for module providing package k8s.io/api/admissionregistration/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:24:2: missing go.sum entry for module providing package k8s.io/api/apiserverinternal/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:25:2: missing go.sum entry for module providing package k8s.io/api/apps/v1 (imported by k8s.io/client-go/kubernetes/typed/apps/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/apps/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:26:2: missing go.sum entry for module providing package k8s.io/api/apps/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/apps/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/apps/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:27:2: missing go.sum entry for module providing package k8s.io/api/apps/v1beta2 (imported by k8s.io/client-go/kubernetes/typed/apps/v1beta2); to add:
	go get k8s.io/client-go/kubernetes/typed/apps/v1beta2@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:28:2: missing go.sum entry for module providing package k8s.io/api/authentication/v1 (imported by k8s.io/client-go/kubernetes/typed/authentication/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/authentication/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:29:2: missing go.sum entry for module providing package k8s.io/api/authentication/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/authentication/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/authentication/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:30:2: missing go.sum entry for module providing package k8s.io/api/authorization/v1 (imported by k8s.io/client-go/kubernetes/typed/authorization/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/authorization/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:31:2: missing go.sum entry for module providing package k8s.io/api/authorization/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/authorization/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/authorization/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:32:2: missing go.sum entry for module providing package k8s.io/api/autoscaling/v1 (imported by k8s.io/client-go/kubernetes/typed/apps/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/apps/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:33:2: missing go.sum entry for module providing package k8s.io/api/autoscaling/v2beta1 (imported by k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:34:2: missing go.sum entry for module providing package k8s.io/api/autoscaling/v2beta2 (imported by k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2); to add:
	go get k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:35:2: missing go.sum entry for module providing package k8s.io/api/batch/v1 (imported by k8s.io/client-go/kubernetes/typed/batch/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/batch/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:36:2: missing go.sum entry for module providing package k8s.io/api/batch/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/batch/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/batch/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:37:2: missing go.sum entry for module providing package k8s.io/api/certificates/v1 (imported by k8s.io/client-go/kubernetes/typed/certificates/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/certificates/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:38:2: missing go.sum entry for module providing package k8s.io/api/certificates/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/certificates/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/certificates/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:39:2: missing go.sum entry for module providing package k8s.io/api/coordination/v1 (imported by k8s.io/client-go/kubernetes/typed/coordination/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/coordination/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:40:2: missing go.sum entry for module providing package k8s.io/api/coordination/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/coordination/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/coordination/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/github.com/vdemeester/k8s-pkg-credentialprovider@v1.21.0-1/secrets/secrets.go:22:2: missing go.sum entry for module providing package k8s.io/api/core/v1 (imported by github.com/google/go-containerregistry/pkg/authn/k8schain); to add:
	go get github.com/google/go-containerregistry/pkg/authn/k8schain@v0.0.0-20211102215614-dd49079bb93d
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:42:2: missing go.sum entry for module providing package k8s.io/api/discovery/v1 (imported by k8s.io/client-go/kubernetes/typed/discovery/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/discovery/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:43:2: missing go.sum entry for module providing package k8s.io/api/discovery/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/discovery/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/discovery/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:44:2: missing go.sum entry for module providing package k8s.io/api/events/v1 (imported by k8s.io/client-go/kubernetes/typed/events/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/events/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:45:2: missing go.sum entry for module providing package k8s.io/api/events/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/events/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/events/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:46:2: missing go.sum entry for module providing package k8s.io/api/extensions/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/extensions/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/extensions/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:47:2: missing go.sum entry for module providing package k8s.io/api/flowcontrol/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/flowcontrol/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/flowcontrol/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:48:2: missing go.sum entry for module providing package k8s.io/api/flowcontrol/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:49:2: missing go.sum entry for module providing package k8s.io/api/networking/v1 (imported by k8s.io/client-go/kubernetes/typed/networking/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/networking/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:50:2: missing go.sum entry for module providing package k8s.io/api/networking/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/networking/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/networking/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:51:2: missing go.sum entry for module providing package k8s.io/api/node/v1 (imported by k8s.io/client-go/kubernetes/typed/node/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/node/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:52:2: missing go.sum entry for module providing package k8s.io/api/node/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/node/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/node/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:53:2: missing go.sum entry for module providing package k8s.io/api/node/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/node/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/node/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:54:2: missing go.sum entry for module providing package k8s.io/api/policy/v1 (imported by k8s.io/client-go/kubernetes/typed/policy/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/policy/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:55:2: missing go.sum entry for module providing package k8s.io/api/policy/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/core/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/core/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:56:2: missing go.sum entry for module providing package k8s.io/api/rbac/v1 (imported by k8s.io/client-go/kubernetes/typed/rbac/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/rbac/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:57:2: missing go.sum entry for module providing package k8s.io/api/rbac/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/rbac/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/rbac/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:58:2: missing go.sum entry for module providing package k8s.io/api/rbac/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/rbac/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/rbac/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:59:2: missing go.sum entry for module providing package k8s.io/api/scheduling/v1 (imported by k8s.io/client-go/kubernetes/typed/scheduling/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/scheduling/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:60:2: missing go.sum entry for module providing package k8s.io/api/scheduling/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:61:2: missing go.sum entry for module providing package k8s.io/api/scheduling/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/scheduling/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/scheduling/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:62:2: missing go.sum entry for module providing package k8s.io/api/storage/v1 (imported by k8s.io/client-go/kubernetes/typed/storage/v1); to add:
	go get k8s.io/client-go/kubernetes/typed/storage/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:63:2: missing go.sum entry for module providing package k8s.io/api/storage/v1alpha1 (imported by k8s.io/client-go/kubernetes/typed/storage/v1alpha1); to add:
	go get k8s.io/client-go/kubernetes/typed/storage/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/kubernetes/scheme/register.go:64:2: missing go.sum entry for module providing package k8s.io/api/storage/v1beta1 (imported by k8s.io/client-go/kubernetes/typed/storage/v1beta1); to add:
	go get k8s.io/client-go/kubernetes/typed/storage/v1beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listers.go:22:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/api/errors (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/index.go:22:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/api/meta (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/applyconfigurations/core/v1/emptydirvolumesource.go:23:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/api/resource (imported by k8s.io/client-go/applyconfigurations/autoscaling/v2beta1); to add:
	go get k8s.io/client-go/applyconfigurations/autoscaling/v2beta1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/pager/pager.go:25:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/apis/meta/internalversion (imported by k8s.io/client-go/tools/pager); to add:
	go get k8s.io/client-go/tools/pager@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listers.go:24:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/apis/meta/v1 (imported by github.com/google/go-containerregistry/pkg/authn/k8schain); to add:
	go get github.com/google/go-containerregistry/pkg/authn/k8schain@v0.0.0-20211102215614-dd49079bb93d
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/reflector.go:32:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/apis/meta/v1/unstructured (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/pkg/apis/clientauthentication/v1alpha1/conversion.go:20:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/conversion (imported by k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1); to add:
	go get k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listwatch.go:23:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/fields (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listers.go:25:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/labels (imported by knative.dev/pkg/kmeta); to add:
	go get knative.dev/pkg/kmeta@v0.0.0-20211004133827-74ac82a333a4
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/controller.go:23:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listers.go:27:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime/schema (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/plugin/pkg/client/auth/exec/exec.go:41:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime/serializer (imported by k8s.io/client-go/discovery); to add:
	go get k8s.io/client-go/discovery@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/clientcmd/api/latest/latest.go:22:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime/serializer/json (imported by k8s.io/client-go/tools/clientcmd/api/latest); to add:
	go get k8s.io/client-go/tools/clientcmd/api/latest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/rest/request.go:41:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime/serializer/streaming (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/clientcmd/api/latest/latest.go:23:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/runtime/serializer/versioning (imported by k8s.io/client-go/tools/clientcmd/api/latest); to add:
	go get k8s.io/client-go/tools/clientcmd/api/latest@v0.21.6
../../../../../../../go/pkg/mod/knative.dev/pkg@v0.0.0-20211004133827-74ac82a333a4/kmeta/labels.go:24:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/selection (imported by knative.dev/pkg/kmeta); to add:
	go get knative.dev/pkg/kmeta@v0.0.0-20211004133827-74ac82a333a4
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/rest/client.go:29:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/types (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/mutation_cache.go:29:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/cache (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/controller.go:24:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/clock (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/mutation_detector.go:30:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/diff (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/clientcmd/loader.go:33:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/errors (imported by k8s.io/client-go/tools/clientcmd); to add:
	go get k8s.io/client-go/tools/clientcmd@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/applyconfigurations/apps/v1/rollingupdatedaemonset.go:22:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/intstr (imported by k8s.io/client-go/applyconfigurations/apps/v1); to add:
	go get k8s.io/client-go/applyconfigurations/apps/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/applyconfigurations/admissionregistration/v1/mutatingwebhookconfiguration.go:25:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/managedfields (imported by k8s.io/client-go/applyconfigurations/admissionregistration/v1); to add:
	go get k8s.io/client-go/applyconfigurations/admissionregistration/v1@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/reflector.go:36:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/naming (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/reflector.go:37:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/net (imported by github.com/vdemeester/k8s-pkg-credentialprovider/gcp); to add:
	go get github.com/vdemeester/k8s-pkg-credentialprovider/gcp@v1.21.0-1
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/controller.go:25:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/runtime (imported by k8s.io/client-go/tools/cache); to add:
	go get k8s.io/client-go/tools/cache@v0.21.6
../../../../../../../go/pkg/mod/github.com/vdemeester/k8s-pkg-credentialprovider@v1.21.0-1/keyring.go:26:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/sets (imported by github.com/vdemeester/k8s-pkg-credentialprovider); to add:
	go get github.com/vdemeester/k8s-pkg-credentialprovider@v1.21.0-1
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/clientcmd/validation.go:27:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/validation (imported by k8s.io/client-go/tools/clientcmd); to add:
	go get k8s.io/client-go/tools/clientcmd@v0.21.6
../../../../../../../go/pkg/mod/github.com/vdemeester/k8s-pkg-credentialprovider@v1.21.0-1/aws/aws_credentials.go:35:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/wait (imported by github.com/vdemeester/k8s-pkg-credentialprovider/aws); to add:
	go get github.com/vdemeester/k8s-pkg-credentialprovider/aws@v1.21.0-1
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/plugin/pkg/client/auth/gcp/gcp.go:33:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/util/yaml (imported by k8s.io/client-go/plugin/pkg/client/auth/gcp); to add:
	go get k8s.io/client-go/plugin/pkg/client/auth/gcp@v0.21.6
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/pkg/version/version.go:23:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/version (imported by k8s.io/component-base/version); to add:
	go get k8s.io/component-base/version@v0.21.4
../../../../../../../go/pkg/mod/k8s.io/client-go@v0.21.6/tools/cache/listwatch.go:25:2: missing go.sum entry for module providing package k8s.io/apimachinery/pkg/watch (imported by k8s.io/client-go/rest); to add:
	go get k8s.io/client-go/rest@v0.21.6

[imjasonh]

You can run the server locally with BUCKET=your-gcs-bucket go run ./cmd/sign and pull an image with crane validate --remote=localhost:8080/busybox

This test should also cosign verify the signature for the image

[Dentrax]

We just implemented the Verification method for the keyless mode:

verified, _, err := cosign.VerifyImageSignatures(ctx, ref, &cosign.CheckOpts{
  RekorURL:           "https://rekor.sigstore.dev",
  RegistryClientOpts: co,
})

And we're printing results to stdout as follows:

verify.PrintVerification(refstr, verified, "text")

Is that what you asked for?

[imjasonh]

So, this command will generate and attempt to push a signature to the registry. This will fail, because this registry doesn't accept pushes, and is only a pull-through cache/mirror. We have a couple options:

1. have the registry accept pushes, but only for signatures.
2. don't have this code push the signature back to its own registry, but instead have it generate the signature and write it directly to storage, so that the user can fetch and verify it.

I have a preference for (2) but I'm open to (1) as an easy workaround to help validate the idea.

[Dentrax]

1. have the registry accept pushes, but only for signatures.

We can specify the registry using $COSIGN_REPOSITORY env variable here, I guess.

2. don't have this code push the signature back to its own registry, but instead have it generate the signature and write it directly to storage, so that the user can fetch and verify it.

IIUC, I think cosign currently does not support such a --skip-push or --output-signature features. This requires additional work to do in the SignCmd to decide functionality, right? @dlorenc

[developer-guy]

@dlorenc, yes, we are so excited about this effort, so, we can add this support to cosign if there is no specific reason for not supporting it 🙏 The main idea is that we can output the signature to the local disk or standard output instead of uploading it to the registry, so, with this, we will be able to upload this signature to the GCS Bucket for later use as @imjasonh mentioned above.

[developer-guy]

So, this command will generate and attempt to push a signature to the registry. This will fail, because this registry doesn't accept pushes, and is only a pull-through cache/mirror. We have a couple options:

@imjasonh I couldn't understand much, can you explain a bit more, thanks in advance?

[imjasonh]

I think we're thinking of kontain.me too much like a regular registry, instead of imagining all the magical things it could do behind the scenes 🪄 .

kontain.me doesn't just support pushes and pulls like a regular registry (it doesn't support pushes at all), it's also capable of writing other data to the registry in response to pulls, without the user being involved. So when someone pulls sign.kontain.me/ubuntu, we'll pull and serve ubuntu's manifests/blobs like normal, but we'll also magically create a :sha256-abcdef.sig manifest and signature blobs, so that when the user does cosign verify sign.kontain.me/ubuntu, the signature is already there.

This doesn't have to be done the normal way, where cosign CLI or sign.SignCmd generates and pushes the signature, it can also be done by doing all stuff cosign does directly -- generate a manifest and signature blob, and write those to registry storage at the :sha256-abcdef.sig tag for pulling later.

sign.SignCmd is probably the wrong interface to use for this, because it (correctly) assumes it's a client talking to a registry that accepts pushes. In our case, we are the registry, and can write manifests and blobs directly to storage.

In order to do this, we'll have to peel back what sign.SignCmd does to understand it better and replicate it in kontain.me -- but that's the point of kontain.me, to learn more about how things work! 😄

edit: I'm happy to chat over video to explain better (hopefully), I'm in US Eastern time, so I think there are some overlapping working hours between us.