in-toto-record

Create a signed link metadata file to provide evidence for supply chain steps. More information: https://in-toto.readthedocs.io/en/latest/command-line-tools/in-toto-record.html.

  • Start the record (creates a preliminary link file):

in-toto-record start -n path/to/edit_file1 path/to/edit_file2 … -k path/to/key_file -m .

  • Stop the record (expects a preliminary link file):

in-toto-record stop -n path/to/edit_file1 path/to/edit_file2 … -k path/to/key_file -p .

Report New Issue View Source