Error: getting ctlog public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key #3614
Description
cosign verify --key ${PUBLIC_KEY_COSIGN} ${DOCKER_IMAGE_FULL_PATH}@${IMAGE_DIGEST} --insecure-ignore-tlog
WARNING: Skipping tlog verification is an insecure practice that lacks of transparency and auditability verification for the signature.
Error: getting ctlog public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key
remote status:{
"mirror": "https://sigstore-tuf-root.storage.googleapis.com/",
"metadata": {
"root.json": {
"version": 9,
"len": 6766,
"expiration": "12 Sep 24 06:53 UTC",
"error": ""
},
"snapshot.json": {
"version": 132,
"len": 2302,
"expiration": "09 Apr 24 16:16 UTC",
"error": ""
},
"targets.json": {
"version": 9,
"len": 5[47](https://gitlab.com//project/-/jobs/6444911415#L47)8,
"expiration": "12 Sep 24 06:13 UTC",
"error": ""
},
"timestamp.json": {
"version": 169,
"len": 723,
"expiration": "26 Mar 24 16:16 UTC",
"error": ""
}
}
}
main.go:74: error during command execution: getting ctlog public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key
remote status:{
"mirror": "https://sigstore-tuf-root.storage.googleapis.com",
"metadata": {
"root.json": {
"version": 9,
"len": 6766,
"expiration": "12 Sep 24 06:53 UTC",
"error": ""
},
"snapshot.json": {
"version": 132,
"len": 2302,
"expiration": "09 Apr 24 16:16 UTC",
"error": ""
},
"targets.json": {
"version": 9,
"len": [54](https://gitlab.com/project/-/jobs/6444911415#L54)78,
"expiration": "12 Sep 24 06:13 UTC",
"error": ""
},
"timestamp.json": {
"version": 169,
"len": 723,
"expiration": "26 Mar 24 16:16 UTC",
"error": ""
}
}
}
Version
cosign (2.0.1-r6)