{"version":"1.0","workflow_uuid":"87421f84-3943-11f1-9bc6-00163e2b0d79","workflow_title":"Cosign — Sign and Verify Container Images and Artifacts","install_contract":{"version":"1.0","installReady":false,"title":"Cosign — Sign and Verify Container Images and Artifacts","summary":"Cosign by Sigstore lets you cryptographically sign container images, verify signatures in CI/CD and admission controllers, and establish software supply chain trust with keyless signing via OIDC.","assetType":"Configs","pageUrl":"https://tokrepo.com/en/workflows/87421f84-3943-11f1-9bc6-00163e2b0d79","sourceUrl":"https://accounts.google.com","intendedFor":[],"firstActions":[],"agentFirstSteps":[],"targetPaths":[],"verification":[],"startingPoints":[],"example":"","successOutcome":"","boundaries":[],"askUserIf":["the current workspace stack cannot be matched to a safe upstream template","the target path is not the project root, or an existing file should be merged instead of overwritten"]}}