# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 PortSystem 1.0 PortGroup golang 1.0 go.setup github.com/sigstore/cosign 2.4.1 v revision 0 categories security maintainers {judaew @judaew} openmaintainer license Apache-2 description Container Signing long_description \ Container Signing, Verification and Storage in an OCI registry. Cosign \ aims to make signatures invisible infrastructure. checksums rmd160 e537a2cdff9bc0c692ccdd6da48a115ff5e1fe69 \ sha256 c575cf4331fa53cdc0b7da769f10743dbf3a0db33b99b3ed2d2576d7d109af88 \ size 868472 # FIXME: This port currently can't be built without allowing go mod to fetch go.offline_build no build.cmd make build.pre_args GIT_VERSION="${version}" \ GIT_TAG="build from tarball" GIT_HASH="" GIT_TREESTATE="" build.target cosign destroot { xinstall -m 0755 ${worksrcpath}/cosign ${destroot}${prefix}/bin/ xinstall -d ${destroot}${prefix}/share/doc/${name} xinstall -m 0644 -W ${worksrcpath} \ CHANGELOG.md COPYRIGHT.txt LICENSE \ ${destroot}${prefix}/share/doc/${name} } variant sget description {sget command for safer, automatic verification of signatures and integration with transparency log Rekor} { post-build { system -W ${worksrcpath} "${build.env} ${go.bin} build ./cmd/sget" } post-destroot { xinstall -m 0755 ${worksrcpath}/sget \ ${destroot}${prefix}/bin/ } } github.livecheck.regex "(\\d+(?:\\.\\d+)+)"