{"id":20148257,"url":"https://github.com/chainguard-dev/terraform-provider-cosign","last_synced_at":"2026-05-11T15:20:15.339Z","repository":{"id":155014260,"uuid":"631375100","full_name":"chainguard-dev/terraform-provider-cosign","owner":"chainguard-dev","description":"Terraform provider for Sigstore Cosign","archived":false,"fork":false,"pushed_at":"2026-02-12T00:42:24.000Z","size":1203,"stargazers_count":12,"open_issues_count":4,"forks_count":16,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-12T11:05:49.744Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/providers/chainguard-dev/cosign/latest","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chainguard-dev.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-04-22T20:31:39.000Z","updated_at":"2026-02-12T00:41:55.000Z","dependencies_parsed_at":"2024-02-28T19:25:38.585Z","dependency_job_id":"dc721a8f-88b1-4233-88d8-009a97980001","html_url":"https://github.com/chainguard-dev/terraform-provider-cosign","commit_stats":null,"previous_names":[],"tags_count":37,"template":false,"template_full_name":null,"purl":"pkg:github/chainguard-dev/terraform-provider-cosign","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fterraform-provider-cosign","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fterraform-provider-cosign/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fterraform-provider-cosign/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fterraform-provider-cosign/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chainguard-dev","download_url":"https://codeload.github.com/chainguard-dev/terraform-provider-cosign/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fterraform-provider-cosign/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29804138,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-24T22:43:48.403Z","status":"ssl_error","status_checked_at":"2026-02-24T22:43:18.536Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T22:36:15.857Z","updated_at":"2026-02-24T23:01:49.758Z","avatar_url":"https://github.com/chainguard-dev.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Terraform Provider for [`cosign`](https://github.com/sigstore/cosign)\n\n🚨 **This is a work in progress.** 🚨\n\nhttps://registry.terraform.io/providers/chainguard-dev/cosign\n\n## Usage\n\nThis provides a `cosign_verify` data source, which can be used with any\ncontainerized infrastructure rules to enforce deploy-time policy checking:\n\n```hcl\ndata \"cosign_verify\" \"example\" {\n  image  = \"cgr.dev/chainguard/static:latest-glibc\"\n  policy = file(\"my-policy.yaml\")\n}\n\n# Use \"data.cosign_verify.example.verified_ref\" in downstream rules (see below).\n```\n\nSee provider examples:\n\n- [ECS](./provider-examples/ecs/README.md)\n\n\nThis provider also exposes `cosign_sign` and `cosign_attest` resources that will\nsign and attest a provided OCI digest, which is intended to compose with\nOCI providers such as [`ko`](https://github.com/ko-build/terraform-provider-ko),\n[`apko`](https://github.com/chainguard-dev/terraform-provider-apko), and\n[`oci`](https://github.com/chainguard-dev/terraform-provider-oci).\n\nHere is an example using the `ko` provider building on the verified base image\nabove:\n\n```hcl\n# This is simply for illustration purposes!\nresource \"ko_build\" \"image-build\" {\n  base_image  = data.cosign_verify.example.verified_ref\n  importpath  = \"...\"\n  repo        = var.where-to-publish\n}\n\nresource \"cosign_sign\" \"example\" {\n  image = ko_build.image-build.image_ref\n}\n\nresource \"cosign_attest\" \"example\" {\n  image          = cosign_sign.example.signed_ref\n\n  predicates {\n    type = \"https://example.com/my/predicate/type\"\n    json = jsonencode({\n      // Your claim here!\n    })\n  }\n\n  // Inlining e.g. huge SBOMs will slow down terraform a lot, so reference a file.\n  predicates {\n    type = \"https://example.com/my/predicate/too-big-for-terraform.tfstate\"\n    file = {\n      path   = \"/tmp/giant-file.json\"\n      sha256 = \"74af7407b59f9021f76a6f9ee66149c5df1ef6442617a805a7860ce18074158d\"\n    }\n  }\n}\n\n# Reference cosign_attest.example.attested_ref to ensure we wait for all of the\n# metadata to be published.\n```\n\n## Disabling\n\nThe provider will skip signing/attesting when ambient credentials are not\npresent, but can also be explicitly disabled by setting `TF_COSIGN_DISABLE` to\nany value.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Fterraform-provider-cosign","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchainguard-dev%2Fterraform-provider-cosign","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Fterraform-provider-cosign/lists"}