No description
e2aae1da73
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|---|---|---|
| .github | ||
| empty | ||
| modules | ||
| Containerfile | ||
| cosign.pub | ||
| LICENSE | ||
| modules.json | ||
| README.md | ||
bling
This repository containes modules to use in recipe.yml. See list of modules in ./modules
Usage
You can add this to your Containerfile to copy the modules from this image over:
COPY --from=ghcr.io/ublue-os/bling:latest /modules /tmp/modules/
Verification
These images are signed with sisgstore's cosign. You can verify the signature by downloading the cosign.pub key from this repo and running the following command:
cosign verify --key cosign.pub ghcr.io/ublue-os/bling
See what is in this image
Raw commands
NOTE: This makes it so you need to extract everything from the base image!
podman save ghcr.io/ublue-os/bling:latest -o bling.tar
tar xf bling.tar && rm bling.tar
tar xf *.tar
This should extract the image in a way that you can see everything in it!
Using Dive
This method allows you to inspect the image through a TUI
dive ghcr.io/ublue-os/bling:latest