autonomy sign

Sign an OCI image and its attached lock/policy artifacts

Synopsis

Signs the OCI image and, optionally, the sidecar lock (--lock) and policy (--policy) artifacts with a key-based cosign signature.

Requires cosign to be installed and in PATH.

Key format: PKCS8 PEM (generated by openssl genpkey) or cosign’s encrypted .key format. For the encrypted format set COSIGN_PASSWORD in the environment before invoking this command.

AUTONOMY_TRUST_TIME (env var, default "true"):
  true:  embeds an autonomy.signed-at= annotation in every signature. autonomy verify checks this annotation against --max-age (default 1y). The annotation is written by the signer and covered by the same key, so --max-age bounds the age of honestly produced signatures; it is not a trusted timestamp and does not prevent a holder of the key from backdating a new signature.
  false: skips the timestamp annotation entirely. WEAKENED: a holder of the private key can sign any artifact at any time with no temporal bound; stale or stolen keys cannot be detected via signature expiry. Use only in air-gapped environments with out-of-band key-rotation processes.
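The max-age check described above, written out as an added example (this is not autonomy's or cosign's code). It assumes, hypothetically, that autonomy sign hands the annotation to cosign as a key/value annotation, so it lands in the "optional" map of cosign's simple-signing payload, that the value is an RFC 3339 timestamp, and that --max-age accepts specs such as 1y, 90d or 12h. The 5-minute clock-skew allowance and failing closed when the annotation is absent are this example's own choices; the payloads it checks are constructed inline.

```python
"""Illustrative --max-age check on the autonomy.signed-at annotation.

Added example, not code from autonomy or cosign. Assumptions (hypothetical):
the annotation is passed to cosign as a key/value annotation, so it appears in
the "optional" map of cosign's simple-signing payload; its value is an RFC 3339
timestamp; --max-age takes specs like 1y, 90d, 12h. The 5-minute clock-skew
allowance and failing closed on a missing annotation are this example's choices.
"""
import json
import re
from datetime import datetime, timedelta, timezone

ANNOTATION = "autonomy.signed-at"
CLOCK_SKEW = timedelta(minutes=5)
_UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 7 * 86400, "y": 365 * 86400}


def parse_max_age(spec: str) -> timedelta:
    """Parse '1y', '90d', '12h' into a timedelta (assumed --max-age syntax)."""
    m = re.fullmatch(r"(\d+)([smhdwy])", spec.strip())
    if not m:
        raise ValueError(f"bad --max-age spec: {spec!r}")
    return timedelta(seconds=int(m.group(1)) * _UNITS[m.group(2)])


def signed_at(payload_json: str):
    """Return the annotation as a timezone-aware datetime, or None if absent."""
    payload = json.loads(payload_json)
    value = (payload.get("optional") or {}).get(ANNOTATION)
    if value is None:
        return None
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if ts.tzinfo is None:
        raise ValueError("signed-at must carry a UTC offset")
    return ts


def check_age(payload_json: str, max_age: str = "1y", now=None, require_timestamp=True):
    """Return (ok, reason). Missing, future or stale timestamps fail closed.

    Limit of this check: the timestamp is asserted by the signer and covered
    by the same key, so it bounds the age of honestly produced signatures;
    a key holder can still backdate a new signature.
    """
    now = now or datetime.now(timezone.utc)
    ts = signed_at(payload_json)
    if ts is None:
        if require_timestamp:
            return False, f"missing {ANNOTATION} (signed with AUTONOMY_TRUST_TIME=false?)"
        return True, "timestamp not required"
    if ts > now + CLOCK_SKEW:
        return False, f"{ANNOTATION} is in the future"
    age = now - ts
    if age > parse_max_age(max_age):
        return False, f"signature is {age.days}d old, older than --max-age {max_age}"
    return True, f"signature is {age.days}d old, within --max-age {max_age}"


def _payload(signed_at_value=None) -> str:
    """Constructed cosign simple-signing payload for localhost:5000/demo-agent."""
    doc = {
        "critical": {
            "identity": {"docker-reference": "localhost:5000/demo-agent"},
            "image": {"docker-manifest-digest": "sha256:" + "ab" * 32},  # constructed digest
            "type": "cosign container image signature",
        },
        "optional": {},
    }
    if signed_at_value is not None:
        doc["optional"][ANNOTATION] = signed_at_value
    return json.dumps(doc, separators=(",", ":"))


# Constructed inputs and a fixed "now" so the results are reproducible.
NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)
FRESH_PAYLOAD = _payload("2024-06-01T00:00:00Z")        # 30 days old
STALE_PAYLOAD = _payload("2023-01-01T00:00:00Z")        # 547 days old
FUTURE_PAYLOAD = _payload("2024-07-02T00:00:00Z")       # signer clock a day ahead
NO_TIMESTAMP_PAYLOAD = _payload()                       # AUTONOMY_TRUST_TIME=false

if __name__ == "__main__":
    for name, p in [("fresh", FRESH_PAYLOAD), ("stale", STALE_PAYLOAD),
                    ("future", FUTURE_PAYLOAD), ("no-timestamp", NO_TIMESTAMP_PAYLOAD)]:
        ok, reason = check_age(p, now=NOW)
        print(f"{name:13s} {'OK    ' if ok else 'REJECT'} {reason}")
```

Running the block prints one verdict per constructed payload: the 30-day-old signature passes the default 1y bound, the 547-day-old one is rejected, a future-dated one is rejected, and the payload with no annotation is rejected unless the caller explicitly relaxes require_timestamp, which mirrors the weakened posture of signing with AUTONOMY_TRUST_TIME=false.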

Usage

autonomy sign [flags]

Examples

  # Sign image only
  autonomy sign --image localhost:5000/demo-agent:v0.1.0 --key demo/keys/cosign.key

  # Sign image + attached lock + attached policy
  autonomy sign --image localhost:5000/demo-agent:v0.1.0 \
      --key demo/keys/cosign.key --lock --policy

Options

      --allow-insecure-registry   allow plain HTTP registry (auto-detected for localhost)
      --image string              OCI image reference to sign (required)
      --key string                path to cosign private key (required)
      --lock                      also sign the sidecar lock artifact (<tag>-lock)
      --policy                    also sign the sidecar policy artifact (<tag>-policy)