adds keyless signatures documentation

[ChrisJBurns]

• adds keyless signatures documentation as part of documentation migration Migrate documentation to docs.sigstore.dev cosign#822

Signed-off-by: ChrisJBurns 29541485+ChrisJBurns@users.noreply.github.com

[netlify]

✅ Deploy Preview for docssigstore ready!

Name	Link
🔨 Latest commit	596e026
🔍 Latest deploy log	https://app.netlify.com/sites/docssigstore/deploys/63e2cf802c35690008a469e2
😎 Deploy Preview	https://deploy-preview-56--docssigstore.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[ChrisJBurns]

@znewman01 Here's the keyless.md migration 👍

I've just copied and pasted the markdown, not sure if you wanted a refactor of the content itself? I assumed that the content in the keyless.md is good to go as is

[znewman01]

Looks great, just a wholesale migration is a good start

CC @ltagliaferri for approval

[ltagliaferri]

I left a few comments for changes, the most important ones are the ones around the GA as we should avoid merging in outdated info here.

[ChrisJBurns]

@ltagliaferri Addressed PR comments 👍

[haydentherapper]

We should update this section with the flags for the CT and Rekor keys too

[ChrisJBurns]

Will need to figure out what those flags are ... will update when committed and pushed.

[ChrisJBurns]

Have had a look at the current cosign that I've got locally from brew and I can't see any keys for rekor when doing cosign sign -help. Which keys are you referencing exactly? I can quickly put them in if possible

[ChrisJBurns]

@haydentherapper I'll have to spend a bit more time on this PR. I've only copied and pasted the content from the existing KEYLESS.md in the cosign repo, so am unsure on the details of keyless signatures. Additionally, I've not actually run anything locally around keyless signatures so I'll have to do a bit of learning in order to fill the gaps, as well as giving it a try locally to get the latest updates for output.

[haydentherapper]

I think it's fine to copy this over as-is and not add content, but I would remove outdated content.

[ChrisJBurns]

@haydentherapper have pushed up changes that (I think) addresses some of your comments. I've resolved them so you can see which ones I've attempted to resolve and left the others unresolved with a comment as they will take a bit more time for me to do.

[ChrisJBurns]

@haydentherapper @znewman01 @ltagliaferri Have pushed some newer changes, made a quick start at the top using ttl.sh and crane. Also updated the output for the sign and verify examples. I got alot of output in the optional field, but just kept it to null in the example if this it ok? I can squash commits when approvals start coming in 👍

Lastly, I didn't get this in my output for verify, so I'm assuming the latest cosign binary in brew doesn't have it yet (1.13.1). But added the updated output that was pushed in this commit

[znewman01]

I know you signed up for "copy paste a markdown file between two repos" and got a heck of a lot more than that, thanks!

[ChrisJBurns]

@znewman01 Just pushed up amendments, let me know when you get a chance 👍

[znewman01]

Awesome, thanks so much for this! Docs are really important for helping users navigate what we often take for granted 😄

[ChrisJBurns]

@znewman01 No problems, glad to finally get it done 😄 I'll submit the deprecation PR for the cosign/keyless.md file ASAP

[WoNation-Unity]

Pipeline