From 0e4b208df65dea52d52b8595ddec832098508193 Mon Sep 17 00:00:00 2001 From: Rod Anami Date: Thu, 7 Mar 2024 15:09:07 -0300 Subject: [PATCH] linted readme Signed-off-by: Rod Anami added instructions to verify tarball Signed-off-by: Rod Anami fixed grammar Signed-off-by: Rod Anami changed per instructions Signed-off-by: Rod Anami added env variable to the filenames as well Signed-off-by: Rod Anami improved the use of env variable in command line Signed-off-by: Rod Anami fixed grammar and improved readability Signed-off-by: Rod Anami --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 44 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 8b291149..fa0cf53d 100644 --- a/README.md +++ b/README.md @@ -7,23 +7,61 @@ ## Installation -``` +```shell curl -sfL http://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin ``` -### Installing from Source +### Installing From Source Build karmor from source if you want to test the latest (pre-release) karmor version. -``` +```shell git clone https://github.com/kubearmor/kubearmor-client.git cd kubearmor-client make install ``` -## Usage +### Steps to Verify the Binary (Recommended) + +We sign all releases with `cosign`, therefore we recommend verifying **karmor** tarball prior to its installation. + +Below are the instructions to verify the binary using `cosign` for version `v1.1.0`. + +- Use an environment variable to set the **karmor** version + +```shell +export KARMOR_VERSION="1.1.0" +``` + +- Download released tarball, certificate, and signature files + +
+ Download Details + +```shell +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz + +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig ``` + +
+ +- Verify the released tarball integrity with `cosign` + +
+ Verification Details + +```shell +cosign verify-blob karmor_${KARMOR_VERSION}_linux_amd64.tar.gz --certificate-identity=https://github.com/kubearmor/kubearmor-client/.github/workflows/release.yml@refs/tags/v${KARMOR_VERSION} --certificate-oidc-issuer=https://token.actions.githubusercontent.com --signature karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig --certificate karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert +``` + +
+ +## Usage + +```shell CLI Utility to help manage KubeArmor KubeArmor is a container-aware runtime security enforcement system that @@ -56,6 +94,6 @@ Flags: Use "karmor [command] --help" for more information about a command. ``` - ## License -[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client?ref=badge_large) \ No newline at end of file + +[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client?ref=badge_large)