From d1f27bfa82530f9f4e0bd33047c4efaa62bcfea5 Mon Sep 17 00:00:00 2001 From: hayleycd Date: Sun, 13 Oct 2024 13:16:14 -0700 Subject: [PATCH] Fixing links and minor cleanup. Signed-off-by: hayleycd --- .../language_clients/python/installation.md | 4 +-- .../python/python_client_overview.md | 31 +++---------------- .../language_clients/python/root_of_trust.md | 14 ++------- content/en/language_clients/python/signing.md | 1 - .../en/language_clients/python/verifying.md | 2 -- 5 files changed, 9 insertions(+), 43 deletions(-) diff --git a/content/en/language_clients/python/installation.md b/content/en/language_clients/python/installation.md index 93428a76..763e514d 100644 --- a/content/en/language_clients/python/installation.md +++ b/content/en/language_clients/python/installation.md @@ -6,8 +6,6 @@ title: Installation weight: 5 --- -## Installation - `sigstore` requires Python 3.8 or newer, and can be installed directly via `pip`: ```console @@ -20,4 +18,4 @@ Optionally, to install `sigstore` and all its dependencies with [hash-checking m python -m pip install -r https://raw.githubusercontent.com/sigstore/sigstore-python/main/install/requirements.txt ``` -This installs the requirements file located [here](https://github.com/sigstore/sigstore-python/blob/main/install/requirements.txt), which is kept up-to-date. +This installs the up-to-date [requirements file](https://github.com/sigstore/sigstore-python/blob/main/install/requirements.txt). diff --git a/content/en/language_clients/python/python_client_overview.md b/content/en/language_clients/python/python_client_overview.md index bd765f8c..ef611c54 100644 --- a/content/en/language_clients/python/python_client_overview.md +++ b/content/en/language_clients/python/python_client_overview.md @@ -10,13 +10,14 @@ weight: 1 ## Features -* Support for keyless signature generation and verification with [Sigstore](https://www.sigstore.dev/) -* Support for signing with ["ambient" OpenID Connect identities ](https://github.com/sigstore/sigstore-python#signing-with-ambient-credentials) -* A comprehensive [CLI](https://github.com/sigstore/sigstore-python#usage) and corresponding [importable Python API](https://sigstore.github.io/sigstore-python) +* Supports keyless signature generation and verification +* Supports signing with ["ambient" OpenID Connect identities ](../signing#signing-with-ambient-credentials) +* A comprehensive [CLI](#usage) and corresponding [importable Python API](https://sigstore.github.io/sigstore-python) +* An official [GitHub Action](../github_action) ## Usage -For Python API usage, see our [documentation](https://sigstore.github.io/sigstore-python/). +For Python API usage, see our [API documentation](https://sigstore.github.io/sigstore-python/). You can run `sigstore` as a standalone program, or via `python -m`: @@ -53,28 +54,6 @@ optional arguments: ``` -## Licensing - -`sigstore` is licensed under the Apache 2.0 License. - -## Community - -`sigstore-python` is developed as part of the [Sigstore](https://sigstore.dev) project. - -We also use a [Slack channel](https://sigstore.slack.com)! Click [here](https://join.slack.com/t/sigstore/shared_invite/zt-mhs55zh0-XmY3bcfWn4XEyMqUUutbUQ) for the invite link. - -## Contributing - -See [the contributing docs](https://github.com/sigstore/.github/blob/main/CONTRIBUTING.md) for details. - -## Code of Conduct - -Everyone interacting with this project is expected to follow the [sigstore Code of Conduct](https://github.com/sigstore/.github/blob/main/CODE_OF_CONDUCT.md). - -## Security - -Should you discover any security issues, please refer to sigstore's [security process](https://github.com/sigstore/.github/blob/main/SECURITY.md). - ### SLSA Provenance This project emits a SLSA provenance on its release! This enables you to verify the integrity of the downloaded artifacts and ensured that the binary's code really comes from this source code. diff --git a/content/en/language_clients/python/root_of_trust.md b/content/en/language_clients/python/root_of_trust.md index fb0f049e..ec574089 100644 --- a/content/en/language_clients/python/root_of_trust.md +++ b/content/en/language_clients/python/root_of_trust.md @@ -7,19 +7,11 @@ weight: 30 --- ## Configuring a custom root of trust ("BYO PKI") -Apart from the default and "staging" Sigstore instances, `sigstore` also -supports "BYO PKI" setups, where a user maintains their own Sigstore -instance services. +Apart from the default and "staging" Sigstore instances, `sigstore` also supports "BYO PKI" setups, where a user maintains their own Sigstore instance services. -These are supported via the `--trust-config` flag, which accepts a -JSON-formatted file conforming to the `ClientTrustConfig` message -in the [Sigstore protobuf specs](https://github.com/sigstore/protobuf-specs). -This file configures the entire Sigstore instance state, *including* the URIs -used to access the CA and artifact transparency services as well as the -cryptographic root of trust itself. +These are supported via the `--trust-config` flag, which accepts a JSON-formatted file conforming to the `ClientTrustConfig` message in the [Sigstore protobuf specs](https://github.com/sigstore/protobuf-specs). This file configures the entire Sigstore instance state, *including* the URIs used to access the CA and artifact transparency services as well as the cryptographic root of trust itself. -To use a custom client config, prepend `--trust-config` to any `sigstore` -command: +To use a custom client config, prepend `--trust-config` to any `sigstore` command: ```console $ sigstore --trust-config custom.trustconfig.json sign foo.txt diff --git a/content/en/language_clients/python/signing.md b/content/en/language_clients/python/signing.md index 11a09d9c..5ed0ca6c 100644 --- a/content/en/language_clients/python/signing.md +++ b/content/en/language_clients/python/signing.md @@ -5,7 +5,6 @@ menuTitle: Signing title: Signing weight: 10 --- -## Signing ``` diff --git a/content/en/language_clients/python/verifying.md b/content/en/language_clients/python/verifying.md index da137b59..186105cc 100644 --- a/content/en/language_clients/python/verifying.md +++ b/content/en/language_clients/python/verifying.md @@ -5,8 +5,6 @@ menuTitle: Verifying title: Verifying weight: 20 --- -## Verifying - ### Generic identities This is the most common verification done with `sigstore`, and therefore