sign-artifact
OfficialSign artifacts in Harness pipelines with Cosign.
Software Engineering#devsecops#supply chain#harness#cosign#pipeline security#artifact signing#upload signature
Authorharness
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Signing artifacts in Harness pipelines to ensure supply-chain integrity by cosigning after builds and optionally uploading signatures to registries.
Core Features & Use Cases
- Supports keyless, key-based, and Vault signing across Docker, ECR, GCR, GAR, ACR, HAR, and Harness Local Stage.
- Provides an interactive wizard to place the SscaArtifactSigning step after build/push and manage upload of signatures.
- Integrates with Harness MCP v2 and uses harness_update to surgically modify existing pipelines without executing them.
Quick Start
Invoke the sign-artifact command to launch the interactive wizard and configure Artifact Signing in your existing pipeline.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sign-artifact Download link: https://github.com/harness/harness-skills/archive/main.zip#sign-artifact Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 510,000+ vetted skills library on demand.