Skip to content

Releases: NVIDIA/nvrc

Release v0.1.4

02 Apr 21:20
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.1.4
469a2fe
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.1.4 Latest
Latest

Verify NVRC release artifacts

This guide shows how to verify the tarball, the extracted binary, the
SBOM, and the SLSA provenance for a given release.

Prerequisites

1) Set variables

# Choose your target architecture:
export TARGET=x86_64-unknown-linux-musl   # or: aarch64-unknown-linux-musl

# Set the release tag and repository:
export TAG="vX.Y.Z"
export REPO="NVIDIA/nvrc"

Example:

export TARGET=x86_64-unknown-linux-musl
export TAG="v0.1.0"
export REPO="NVIDIA/nvrc"

2) Download the release assets

The release contains a tarball per target architecture and a
per-artifact SLSA provenance file.

gh release download "$TAG" --repo "$REPO" \
  --pattern "NVRC-${TARGET}.tar.xz" \
  --pattern "NVRC-${TARGET}.tar.xz.*" \
  --pattern "NVRC-${TARGET}.intoto.jsonl" \
  --dir .

You should now have:

NVRC-${TARGET}.tar.xz
NVRC-${TARGET}.tar.xz.sig
NVRC-${TARGET}.tar.xz.cert
NVRC-${TARGET}.tar.xz.bundle.json

NVRC-${TARGET}.intoto.jsonl

3) Verify the tarball

These commands assert the tarball was signed by this repository's GitHub
Actions workflow on main and is recorded in Rekor.
(Online verification talks to Rekor; offline verification uses the embedded
bundle.)

# Online verification (Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature   "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

# Offline verification (bundle)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

Extract files for further checks:

tar -xf "NVRC-${TARGET}.tar.xz"

After extraction, you should see:

NVRC-${TARGET}
NVRC-${TARGET}.sig
NVRC-${TARGET}.cert
NVRC-${TARGET}.bundle.json

sbom-NVRC-${TARGET}.spdx.json
sbom-NVRC-${TARGET}.spdx.json.sig
sbom-NVRC-${TARGET}.spdx.json.cert
sbom-NVRC-${TARGET}.spdx.json.bundle.json

4) Verify the binary and SBOM (online with Rekor)

# Binary
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature   "NVRC-${TARGET}.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

# SBOM (SPDX JSON)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature   "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification using bundles

cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

Tip: if you later switch to tag-triggered builds, change the regex to:
^https://github.com/$REPO/.github/workflows/.+@refs/tags/$TAG$

5) Verify SLSA provenance

Releases are built from main, so verify against the branch.

slsa-verifier verify-artifact "NVRC-${TARGET}" \
  --provenance-path "NVRC-${TARGET}.intoto.jsonl" \
  --source-uri "github.com/$REPO" \
  --source-branch "main"

6) (Optional) Rekor references

If the release includes REKOR-REFERENCES.md and rekor-references.json,
they list each artifact's UUID and logIndex in Rekor:

  • https://rekor.sigstore.dev/api/v1/log/entries/<uuid>

These are extracted from the published bundle files for precise,
reproducible auditing.

7) Advanced: strict identity pinning (recommended)

For maximum assurance, pin additional GitHub-specific claims embedded in
the Fulcio certificate. If you know your workflow file and branch, use:

WF_FILE="release.yaml"              # workflow filename under .github/workflows/
WF_REF="refs/heads/main"            # release branch
WF_REPO="$REPO"                     # e.g., NVIDIA/nvrc

# Tarball (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature "NVRC-${TARGET}.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification with strict pinning

# Tarball (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (offline)
cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

Don't know the exact workflow filename? Stick with the regex form used
above (it already pins to your repo and branch).

If you run releases via workflow_dispatch, you can also pin the trigger:

--certificate-github-workflow-trigger "workflow_dispatch"

Notes & troubleshooting

  • If identity check fails, ensure REPO and the regex
    (@refs/heads/main vs @refs/tags/$TAG) match how the release was built.
  • If NVRC-${TARGET}.intoto.jsonl is missing, confirm the release includes
    per-target provenance.
  • For more detail, add --verbose and optionally set COSIGN_EXPERIMENTAL=1
    when experimenting locally.
Assets 13
Loading

Release v0.1.3

13 Mar 22:45
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.1.3
d31b296
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.1.3

Verify NVRC release artifacts

This guide shows how to verify the tarball, the extracted binary, the
SBOM, and the SLSA provenance for a given release.

Prerequisites

1) Set variables

# Choose your target architecture:
export TARGET=x86_64-unknown-linux-musl   # or: aarch64-unknown-linux-musl

# Set the release tag and repository:
export TAG="vX.Y.Z"
export REPO="NVIDIA/nvrc"

Example:

export TARGET=x86_64-unknown-linux-musl
export TAG="v0.1.0"
export REPO="NVIDIA/nvrc"

2) Download the release assets

The release contains a tarball per target architecture and a
per-artifact SLSA provenance file.

gh release download "$TAG" --repo "$REPO" \
  --pattern "NVRC-${TARGET}.tar.xz" \
  --pattern "NVRC-${TARGET}.tar.xz.*" \
  --pattern "NVRC-${TARGET}.intoto.jsonl" \
  --dir .

You should now have:

NVRC-${TARGET}.tar.xz
NVRC-${TARGET}.tar.xz.sig
NVRC-${TARGET}.tar.xz.cert
NVRC-${TARGET}.tar.xz.bundle.json

NVRC-${TARGET}.intoto.jsonl

3) Verify the tarball

These commands assert the tarball was signed by this repository's GitHub
Actions workflow on main and is recorded in Rekor.
(Online verification talks to Rekor; offline verification uses the embedded
bundle.)

# Online verification (Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature   "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

# Offline verification (bundle)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

Extract files for further checks:

tar -xf "NVRC-${TARGET}.tar.xz"

After extraction, you should see:

NVRC-${TARGET}
NVRC-${TARGET}.sig
NVRC-${TARGET}.cert
NVRC-${TARGET}.bundle.json

sbom-NVRC-${TARGET}.spdx.json
sbom-NVRC-${TARGET}.spdx.json.sig
sbom-NVRC-${TARGET}.spdx.json.cert
sbom-NVRC-${TARGET}.spdx.json.bundle.json

4) Verify the binary and SBOM (online with Rekor)

# Binary
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature   "NVRC-${TARGET}.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

# SBOM (SPDX JSON)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature   "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification using bundles

cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

Tip: if you later switch to tag-triggered builds, change the regex to:
^https://github.com/$REPO/.github/workflows/.+@refs/tags/$TAG$

5) Verify SLSA provenance

Releases are built from main, so verify against the branch.

slsa-verifier verify-artifact "NVRC-${TARGET}" \
  --provenance-path "NVRC-${TARGET}.intoto.jsonl" \
  --source-uri "github.com/$REPO" \
  --source-branch "main"

6) (Optional) Rekor references

If the release includes REKOR-REFERENCES.md and rekor-references.json,
they list each artifact's UUID and logIndex in Rekor:

  • https://rekor.sigstore.dev/api/v1/log/entries/<uuid>

These are extracted from the published bundle files for precise,
reproducible auditing.

7) Advanced: strict identity pinning (recommended)

For maximum assurance, pin additional GitHub-specific claims embedded in
the Fulcio certificate. If you know your workflow file and branch, use:

WF_FILE="release.yaml"              # workflow filename under .github/workflows/
WF_REF="refs/heads/main"            # release branch
WF_REPO="$REPO"                     # e.g., NVIDIA/nvrc

# Tarball (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature "NVRC-${TARGET}.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification with strict pinning

# Tarball (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (offline)
cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

Don't know the exact workflow filename? Stick with the regex form used
above (it already pins to your repo and branch).

If you run releases via workflow_dispatch, you can also pin the trigger:

--certificate-github-workflow-trigger "workflow_dispatch"

Notes & troubleshooting

  • If identity check fails, ensure REPO and the regex
    (@refs/heads/main vs @refs/tags/$TAG) match how the release was built.
  • If NVRC-${TARGET}.intoto.jsonl is missing, confirm the release includes
    per-target provenance.
  • For more detail, add --verbose and optionally set COSIGN_EXPERIMENTAL=1
    when experimenting locally.
Loading

Release v0.1.2

13 Mar 19:19
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.1.2
1bde1da
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.1.2

Verify NVRC release artifacts

This guide shows how to verify the tarball, the extracted binary, the
SBOM, and the SLSA provenance for a given release.

Prerequisites

1) Set variables

# Choose your target architecture:
export TARGET=x86_64-unknown-linux-musl   # or: aarch64-unknown-linux-musl

# Set the release tag and repository:
export TAG="vX.Y.Z"
export REPO="NVIDIA/nvrc"

Example:

export TARGET=x86_64-unknown-linux-musl
export TAG="v0.1.0"
export REPO="NVIDIA/nvrc"

2) Download the release assets

The release contains a tarball per target architecture and a
per-artifact SLSA provenance file.

gh release download "$TAG" --repo "$REPO" \
  --pattern "NVRC-${TARGET}.tar.xz" \
  --pattern "NVRC-${TARGET}.tar.xz.*" \
  --pattern "NVRC-${TARGET}.intoto.jsonl" \
  --dir .

You should now have:

NVRC-${TARGET}.tar.xz
NVRC-${TARGET}.tar.xz.sig
NVRC-${TARGET}.tar.xz.cert
NVRC-${TARGET}.tar.xz.bundle.json

NVRC-${TARGET}.intoto.jsonl

3) Verify the tarball

These commands assert the tarball was signed by this repository's GitHub
Actions workflow on main and is recorded in Rekor.
(Online verification talks to Rekor; offline verification uses the embedded
bundle.)

# Online verification (Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature   "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

# Offline verification (bundle)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

Extract files for further checks:

tar -xf "NVRC-${TARGET}.tar.xz"

After extraction, you should see:

NVRC-${TARGET}
NVRC-${TARGET}.sig
NVRC-${TARGET}.cert
NVRC-${TARGET}.bundle.json

sbom-NVRC-${TARGET}.spdx.json
sbom-NVRC-${TARGET}.spdx.json.sig
sbom-NVRC-${TARGET}.spdx.json.cert
sbom-NVRC-${TARGET}.spdx.json.bundle.json

4) Verify the binary and SBOM (online with Rekor)

# Binary
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature   "NVRC-${TARGET}.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

# SBOM (SPDX JSON)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature   "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification using bundles

cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

Tip: if you later switch to tag-triggered builds, change the regex to:
^https://github.com/$REPO/.github/workflows/.+@refs/tags/$TAG$

5) Verify SLSA provenance

Releases are built from main, so verify against the branch.

slsa-verifier verify-artifact "NVRC-${TARGET}" \
  --provenance-path "NVRC-${TARGET}.intoto.jsonl" \
  --source-uri "github.com/$REPO" \
  --source-branch "main"

6) (Optional) Rekor references

If the release includes REKOR-REFERENCES.md and rekor-references.json,
they list each artifact's UUID and logIndex in Rekor:

  • https://rekor.sigstore.dev/api/v1/log/entries/<uuid>

These are extracted from the published bundle files for precise,
reproducible auditing.

7) Advanced: strict identity pinning (recommended)

For maximum assurance, pin additional GitHub-specific claims embedded in
the Fulcio certificate. If you know your workflow file and branch, use:

WF_FILE="release.yaml"              # workflow filename under .github/workflows/
WF_REF="refs/heads/main"            # release branch
WF_REPO="$REPO"                     # e.g., NVIDIA/nvrc

# Tarball (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature "NVRC-${TARGET}.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (online via Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification with strict pinning

# Tarball (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary (offline)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM (offline)
cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

Don't know the exact workflow filename? Stick with the regex form used
above (it already pins to your repo and branch).

If you run releases via workflow_dispatch, you can also pin the trigger:

--certificate-github-workflow-trigger "workflow_dispatch"

Notes & troubleshooting

  • If identity check fails, ensure REPO and the regex
    (@refs/heads/main vs @refs/tags/$TAG) match how the release was built.
  • If NVRC-${TARGET}.intoto.jsonl is missing, confirm the release includes
    per-target provenance.
  • For more detail, add --verbose and optionally set COSIGN_EXPERIMENTAL=1
    when experimenting locally.
Loading

Release v0.1.1

15 Jan 00:33
@github-actions github-actions
v0.1.1
a3244ec
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.1.1

Verify NVRC release artifacts

This guide shows how to verify the tarball, the extracted binary, the
SBOM, and the SLSA provenance for a given release.

Prerequisites

1) Set variables

# Choose your target architecture:
export TARGET=x86_64-unknown-linux-musl   # or: aarch64-unknown-linux-musl

# Set the release tag and repository:
export TAG="vX.Y.Z"
export REPO="NVIDIA/nvrc"

Example:

export TARGET=x86_64-unknown-linux-musl
export TAG="v0.1.0"
export REPO="NVIDIA/nvrc"

2) Download the release assets

The release contains a tarball per target architecture and a
per-artifact SLSA provenance file.

gh release download "$TAG" --repo "$REPO" \
  --pattern "NVRC-${TARGET}.tar.xz" \
  --pattern "NVRC-${TARGET}.tar.xz.*" \
  --pattern "NVRC-${TARGET}.intoto.jsonl" \
  --dir .

You should now have:

NVRC-${TARGET}.tar.xz
NVRC-${TARGET}.tar.xz.sig
NVRC-${TARGET}.tar.xz.cert
NVRC-${TARGET}.tar.xz.bundle.json

NVRC-${TARGET}.intoto.jsonl

3) Verify the tarball

These commands assert the tarball was signed by this repository's GitHub
Actions workflow on main and is recorded in Rekor.
(Online verification talks to Rekor; offline verification uses the embedded
bundle.)

# Online verification (Rekor)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.tar.xz.cert" \
  --signature   "NVRC-${TARGET}.tar.xz.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

# Offline verification (bundle)
cosign verify-blob \
  --bundle "NVRC-${TARGET}.tar.xz.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}.tar.xz"

Extract files for further checks:

tar -xf "NVRC-${TARGET}.tar.xz"

After extraction, you should see:

NVRC-${TARGET}
NVRC-${TARGET}.sig
NVRC-${TARGET}.cert
NVRC-${TARGET}.bundle.json

sbom-NVRC-${TARGET}.spdx.json
sbom-NVRC-${TARGET}.spdx.json.sig
sbom-NVRC-${TARGET}.spdx.json.cert
sbom-NVRC-${TARGET}.spdx.json.bundle.json

4) Verify the binary and SBOM (online with Rekor)

# Binary
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "NVRC-${TARGET}.cert" \
  --signature   "NVRC-${TARGET}.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

# SBOM (SPDX JSON)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate "sbom-NVRC-${TARGET}.spdx.json.cert" \
  --signature   "sbom-NVRC-${TARGET}.spdx.json.sig" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

(Optional) Offline verification using bundles

cosign verify-blob \
  --bundle "NVRC-${TARGET}.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "NVRC-${TARGET}"

cosign verify-blob \
  --bundle "sbom-NVRC-${TARGET}.spdx.json.bundle.json" \
  --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  "sbom-NVRC-${TARGET}.spdx.json"

Tip: if you later switch to tag-triggered builds, change the regex to:
^https://github.com/$REPO/.github/workflows/.+@refs/tags/$TAG$

5) Verify SLSA provenance

Releases are built from main, so verify against the branch.

slsa-verifier verify-artifact "NVRC-${TARGET}" \
  --provenance-path "NVRC-${TARGET}.intoto.jsonl" \
  --source-uri "github.com/$REPO" \
  --source-branch "main"

6) (Optional) Rekor references

If the release includes REKOR-REFERENCES.md and rekor-references.json,
they list each artifact's UUID and logIndex in Rekor:

  • https://rekor.sigstore.dev/api/v1/log/entries/<uuid>

These are extracted from the published bundle files for precise,
reproducible auditing.

7) Advanced: strict identity pinning (recommended)

For maximum assurance, pin additional GitHub-specific claims embedded in
the Fulcio certificate. If you know your workflow file and branch, use:

WF_FILE="release.yaml"              # workflow filename under .github/workflows/
WF_REF="refs/heads/main"            # release branch
WF_REPO="$REPO"                     # e.g., NVIDIA/nvrc

# Tarball (same flags also apply to binary/SBOM verifies)
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}.tar.xz"

# Binary
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "NVRC-${TARGET}"

# SBOM
cosign verify-blob \
  --rekor-url https://rekor.sigstore.dev \
  --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-github-workflow-repository "$WF_REPO" \
  --certificate-github-workflow-ref "$WF_REF" \
  "sbom-NVRC-${TARGET}.spdx.json"

Don't know the exact workflow filename? Stick with the regex form used
above (it already pins to your repo and branch).

If you run releases via workflow_dispatch, you can also pin the trigger:

--certificate-github-workflow-trigger "workflow_dispatch"

Notes & troubleshooting

  • If identity check fails, ensure REPO and the regex
    (@refs/heads/main vs @refs/tags/$TAG) match how the release was built.
  • If NVRC-${TARGET}.intoto.jsonl is missing, confirm the release includes
    per-target provenance.
  • For more detail, add --verbose and optionally set COSIGN_EXPERIMENTAL=1
    when experimenting locally.
Loading

Release v0.0.1

13 Oct 18:48
@github-actions github-actions
v0.0.1
4f386f5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.1

Verify NVRC release artifacts

This guide shows how to verify the tarball, the extracted binary, the SBOM, and the SLSA provenance for a given release.
Releases ship two flavors per target:

  • NVRC (standard)
  • NVRC-confidential (built with --features=confidential)

Prerequisites

1) Set variables

# Choose your flavor (binary name prefix) and target:
export BIN=NVRC                 # or: NVRC-confidential
export TARGET=x86_64-unknown-linux-musl   # or: aarch64-unknown-linux-musl

# Set the release tag and repository:
export TAG="vX.Y.Z"
export REPO="owner/repo"

Example:

export BIN=NVRC-confidential
export TARGET=x86_64-unknown-linux-musl
export TAG="v0.0.1"
export REPO="NVIDIA/nvrc"

2) Download the release assets

The release contains a single tarball per (flavor, target) and a per-artifact SLSA provenance file.

gh release download "$TAG" --repo "$REPO"   --pattern "${BIN}-${TARGET}.tar.xz"   --pattern "${BIN}-${TARGET}.tar.xz.*"   --pattern "${BIN}-${TARGET}.intoto.jsonl"   --dir .

You should now have:

${BIN}-${TARGET}.tar.xz
${BIN}-${TARGET}.tar.xz.sig
${BIN}-${TARGET}.tar.xz.cert
${BIN}-${TARGET}.tar.xz.bundle.json

${BIN}-${TARGET}.intoto.jsonl

3) Verify the tarball

These commands assert the tarball was signed by this repository’s GitHub Actions workflow on main and is recorded in Rekor.
(Online verification talks to Rekor; offline verification uses the embedded bundle.)

# Online verification (Rekor)
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate "${BIN}-${TARGET}.tar.xz.cert"   --signature   "${BIN}-${TARGET}.tar.xz.sig"   --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   "${BIN}-${TARGET}.tar.xz"

# Offline verification (bundle)
cosign verify-blob --bundle "${BIN}-${TARGET}.tar.xz.bundle.json"   --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   "${BIN}-${TARGET}.tar.xz"

Extract files for further checks:

tar -xf "${BIN}-${TARGET}.tar.xz"

After extraction, you should see (per (flavor, target)):

${BIN}-${TARGET}
${BIN}-${TARGET}.sig
${BIN}-${TARGET}.cert
${BIN}-${TARGET}.bundle.json

sbom-${BIN}-${TARGET}.spdx.json
sbom-${BIN}-${TARGET}.spdx.json.sig
sbom-${BIN}-${TARGET}.spdx.json.cert
sbom-${BIN}-${TARGET}.spdx.json.bundle.json

4) Verify the binary and SBOM (online with Rekor)

# Binary
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate "${BIN}-${TARGET}.cert"   --signature   "${BIN}-${TARGET}.sig"   --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   "${BIN}-${TARGET}"

# SBOM (SPDX JSON)
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate "sbom-${BIN}-${TARGET}.spdx.json.cert"   --signature   "sbom-${BIN}-${TARGET}.spdx.json.sig"   --certificate-identity-regexp "^https://github.com/$REPO/.github/workflows/.+@refs/heads/main$"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   "sbom-${BIN}-${TARGET}.spdx.json"

(Optional) Offline verification using bundles

cosign verify-blob --bundle "${BIN}-${TARGET}.bundle.json" "${BIN}-${TARGET}"
cosign verify-blob --bundle "sbom-${BIN}-${TARGET}.spdx.json.bundle.json" "sbom-${BIN}-${TARGET}.spdx.json"

Tip: if you later switch to tag-triggered builds, change the regex to:
^https://github.com/$REPO/.github/workflows/.+@refs/tags/$TAG$

5) Verify SLSA provenance

Releases are built from main, so verify against the branch.

PROV="${BIN}-${TARGET}.intoto.jsonl"

slsa-verifier verify-artifact "${BIN}-${TARGET}"   --provenance-path "$PROV"   --source-uri "github.com/$REPO"   --source-branch "main"

6) (Optional) Rekor references

If the release includes REKOR-REFERENCES.md and rekor-references.json, they list each artifact’s UUID and logIndex in Rekor:

  • https://rekor.sigstore.dev/api/v1/log/entries/<uuid>

These are extracted from the published bundle files for precise, reproducible auditing.

7) Advanced: strict identity pinning (recommended)

For maximum assurance, pin additional GitHub-specific claims embedded in the Fulcio certificate. If you know your workflow file and branch, use:

WF_FILE="release.yml"               # your workflow filename under .github/workflows/
WF_REF="refs/heads/main"            # your release branch
WF_REPO="$REPO"                     # e.g., NVIDIA/nvrc

# Tarball (same flags also apply to binary/SBOM verifies)
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   --certificate-github-workflow-repository "$WF_REPO"   --certificate-github-workflow-ref "$WF_REF"   "${BIN}-${TARGET}.tar.xz"

# Binary
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   --certificate-github-workflow-repository "$WF_REPO"   --certificate-github-workflow-ref "$WF_REF"   "${BIN}-${TARGET}"

# SBOM
cosign verify-blob   --rekor-url https://rekor.sigstore.dev   --certificate-identity "https://github.com/$WF_REPO/.github/workflows/$WF_FILE@$WF_REF"   --certificate-oidc-issuer "https://token.actions.githubusercontent.com"   --certificate-github-workflow-repository "$WF_REPO"   --certificate-github-workflow-ref "$WF_REF"   "sbom-${BIN}-${TARGET}.spdx.json"

Don’t know the exact workflow filename? Stick with the regex form used above (it already pins to your repo and branch).

If you run releases via workflow_dispatch, you can also pin the trigger:

--certificate-github-workflow-trigger "workflow_dispatch"

Notes & troubleshooting

  • If identity check fails, ensure REPO and the regex (@refs/heads/main vs @refs/tags/$TAG) match how the release was built.
  • If ${BIN}-${TARGET}.intoto.jsonl is missing, confirm the release includes per-(flavor,target) provenance.
  • For more detail, add --verbose and optionally set COSIGN_EXPERIMENTAL=1 when experimenting locally.
Loading