|
7 | 7 |
|
8 | 8 | ## Installation |
9 | 9 |
|
10 | | -``` |
| 10 | +```shell |
11 | 11 | curl -sfL http://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin |
12 | 12 | ``` |
13 | 13 |
|
14 | | -### Installing from Source |
| 14 | +### Installing From Source |
15 | 15 |
|
16 | 16 | Build karmor from source if you want to test the latest (pre-release) karmor version. |
17 | 17 |
|
18 | | -``` |
| 18 | +```shell |
19 | 19 | git clone https://github.com/kubearmor/kubearmor-client.git |
20 | 20 | cd kubearmor-client |
21 | 21 | make install |
22 | 22 | ``` |
23 | 23 |
|
24 | | -## Usage |
| 24 | +### Steps to Verify the Binary (Recommended) |
| 25 | + |
| 26 | +We sign all releases with `cosign`, therefore we recommend verifying **karmor** tarball prior to its installation. |
| 27 | + |
| 28 | +Below are the instructions to verify the binary using `cosign` for version `v1.1.0`. |
| 29 | + |
| 30 | +- Use an environment variable to set the **karmor** version |
| 31 | + |
| 32 | +```shell |
| 33 | +export KARMOR_VERSION="1.1.0" |
| 34 | +``` |
| 35 | + |
| 36 | +- Download released tarball, certificate, and signature files |
| 37 | + |
| 38 | +<details> |
| 39 | + <summary>Download Details</summary> |
| 40 | + |
| 41 | +```shell |
| 42 | +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz |
| 43 | + |
| 44 | +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert |
25 | 45 |
|
| 46 | +curl -LO https://github.com/kubearmor/kubearmor-client/releases/download/v${KARMOR_VERSION}/karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig |
26 | 47 | ``` |
| 48 | + |
| 49 | +</details> |
| 50 | + |
| 51 | +- Verify the released tarball integrity with `cosign` |
| 52 | + |
| 53 | +<details> |
| 54 | + <summary>Verification Details</summary> |
| 55 | + |
| 56 | +```shell |
| 57 | +cosign verify-blob karmor_${KARMOR_VERSION}_linux_amd64.tar.gz --certificate-identity=https://github.com/kubearmor/kubearmor-client/.github/workflows/release.yml@refs/tags/v${KARMOR_VERSION} --certificate-oidc-issuer=https://token.actions.githubusercontent.com --signature karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.sig --certificate karmor_${KARMOR_VERSION}_linux_amd64.tar.gz.cert |
| 58 | +``` |
| 59 | + |
| 60 | +</details> |
| 61 | + |
| 62 | +## Usage |
| 63 | + |
| 64 | +```shell |
27 | 65 | CLI Utility to help manage KubeArmor |
28 | 66 |
|
29 | 67 | KubeArmor is a container-aware runtime security enforcement system that |
|
56 | 94 | Use "karmor [command] --help" for more information about a command. |
57 | 95 | ``` |
58 | 96 |
|
59 | | - |
60 | 97 | ## License |
61 | | -[](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client?ref=badge_large) |
| 98 | +
|
| 99 | +[](https://app.fossa.com/projects/git%2Bgithub.com%2Fkubearmor%2Fkubearmor-client?ref=badge_large) |
0 commit comments