Skip to content

Commit e96fc37

Browse files
yizha1yizha1
committed
docs: update to notation akv plugin v1.1.0
Signed-off-by: Yi Zha <[email protected]>
1 parent 1b8ed68 commit e96fc37

File tree

2 files changed

+32
-6
lines changed

2 files changed

+32
-6
lines changed

articles/container-registry/container-registry-tutorial-sign-build-push.md

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -41,16 +41,16 @@ In this tutorial:
4141
cp ./notation /usr/local/bin
4242
```
4343

44-
2. Install the Notation Azure Key Vault plugin `azure-kv` v1.0.2 on a Linux amd64 environment.
44+
2. Install the Notation Azure Key Vault plugin `azure-kv` v1.1.0 on a Linux amd64 environment.
4545

4646
> [!NOTE]
4747
> The URL and SHA256 checksum for the Notation Azure Key Vault plugin can be found on the plugin's [release page](https://github.com/Azure/notation-azure-kv/releases).
4848
4949
```bash
50-
notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.0.2/notation-azure-kv_1.0.2_linux_amd64.tar.gz --sha256sum f2b2e131a435b6a9742c202237b9aceda81859e6d4bd6242c2568ba556cee20e
50+
notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.1.0/notation-azure-kv_1.1.0_linux_amd64.tar.gz --sha256sum 2fc959bf850275246b044203609202329d015005574fabbf3e6393345e49b884
5151
```
5252
53-
3. List the available plugins and confirm that the `azure-kv` plugin with version `1.0.2` is included in the list.
53+
3. List the available plugins and confirm that the `azure-kv` plugin with version `1.1.0` is included in the list.
5454
5555
```bash
5656
notation plugin ls
@@ -200,6 +200,19 @@ The following steps show how to create a self-signed certificate for testing pur
200200
```bash
201201
notation sign --signature-format cose --id $KEY_ID --plugin azure-kv --plugin-config self_signed=true $IMAGE
202202
```
203+
204+
To authenticate with AKV, by default, the following credential types if enabled will be tried in order:
205+
206+
- [environment](/dotnet/api/azure.identity.environmentcredential)
207+
- [workloadid](/dotnet/api/azure.identity.workloadidentitycredential)
208+
- [managedid](/dotnet/api/azure.identity.managedidentitycredential)
209+
- [azurecli](/dotnet/api/azure.identity.azureclicredential)
210+
211+
To customize the default behavior, consider using an additional plugin configuration called `credential_type`. For instance, you can explicitly set the credential type to `azurecli` as demonstrated below:
212+
213+
```bash
214+
notation sign --signature-format cose --id $KEY_ID --plugin azure-kv --plugin-config self_signed=true --plugin-config credential_type=azurecli $IMAGE
215+
```
203216
204217
5. View the graph of signed images and associated signatures.
205218

articles/container-registry/container-registry-tutorial-sign-trusted-ca.md

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -53,16 +53,16 @@ In this article:
5353
cp ./notation /usr/local/bin
5454
```
5555

56-
2. Install the Notation Azure Key Vault plugin `azure-kv` v1.0.2 on a Linux amd64 environment.
56+
2. Install the Notation Azure Key Vault plugin `azure-kv` v1.1.0 on a Linux amd64 environment.
5757

5858
> [!NOTE]
5959
> The URL and SHA256 checksum for the Notation Azure Key Vault plugin can be found on the plugin's [release page](https://github.com/Azure/notation-azure-kv/releases).
6060
6161
```bash
62-
notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.0.2/notation-azure-kv_1.0.2_linux_amd64.tar.gz --sha256sum f2b2e131a435b6a9742c202237b9aceda81859e6d4bd6242c2568ba556cee20e
62+
notation plugin install --url https://github.com/Azure/notation-azure-kv/releases/download/v1.1.0/notation-azure-kv_1.1.0_linux_amd64.tar.gz --sha256sum 2fc959bf850275246b044203609202329d015005574fabbf3e6393345e49b884
6363
```
6464
65-
3. List the available plugins and confirm that the `azure-kv` plugin with version `1.0.2` is included in the list.
65+
3. List the available plugins and confirm that the `azure-kv` plugin with version `1.1.0` is included in the list.
6666
6767
```bash
6868
notation plugin ls
@@ -219,6 +219,19 @@ To import the certificate:
219219
notation sign --signature-format cose $IMAGE --id $KEY_ID --plugin azure-kv --plugin-config ca_certs=<ca_bundle_file>
220220
```
221221

222+
To authenticate with AKV, by default, the following credential types if enabled will be tried in order:
223+
224+
- [environment](/dotnet/api/azure.identity.environmentcredential)
225+
- [workloadid](/dotnet/api/azure.identity.workloadidentitycredential)
226+
- [managedid](/dotnet/api/azure.identity.managedidentitycredential)
227+
- [azurecli](/dotnet/api/azure.identity.azureclicredential)
228+
229+
To customize the default behavior, consider using an additional plugin configuration called `credential_type`. For instance, you can explicitly set the credential type to `azurecli` as demonstrated below:
230+
231+
```bash
232+
notation sign --signature-format cose --id $KEY_ID --plugin azure-kv --plugin-config credential_type=azurecli $IMAGE
233+
```
234+
222235
6. View the graph of signed images and associated signatures.
223236

224237
```bash

0 commit comments

Comments
 (0)