Scroll to navigation

GH-ATTESTATION-DOWNLOAD(1) GitHub CLI manual GH-ATTESTATION-DOWNLOAD(1)

NAME

gh-attestation-download - Download an artifact's attestations for offline use

SYNOPSIS

gh attestation download [<file-path> | oci://<image-uri>] [--owner | --repo] [flags]

DESCRIPTION

NOTE: This feature is currently in public preview, and subject to change.

Download attestations associated with an artifact for offline use.

The command requires either: * a file path to an artifact, or * a container image URI (e.g. oci://<image-uri>)
* (note that if you provide an OCI URL, you must already be authenticated with its container registry)

In addition, the command requires either: * the --repo flag (e.g. --repo github/example). * the --owner flag (e.g. --owner github), or

The --repo flag value must match the name of the GitHub repository that the artifact is linked with.

The --owner flag value must match the name of the GitHub organization that the artifact's linked repository belongs to.

Any associated bundle(s) will be written to a file in the current directory named after the artifact's digest. For example, if the digest is "sha256:1234", the file will be named "sha256:1234.jsonl".

OPTIONS

The algorithm used to compute a digest of the artifact: {sha256|sha512}

Configure host to use

Maximum number of attestations to fetch

a GitHub organization to scope attestation lookup by

Filter attestations by provided predicate type

Repository name in the format /

EXIT CODES

0: Successful execution

1: Error

2: Command canceled

4: Authentication required

NOTE: Specific commands may have additional exit codes. Refer to the command's help for more information.

EXAMPLE

# Download attestations for a local artifact linked with an organization
$ gh attestation download example.bin -o github
# Download attestations for a local artifact linked with a repository
$ gh attestation download example.bin -R github/example
# Download attestations for an OCI image linked with an organization
$ gh attestation download oci://example.com/foo/bar:latest -o github

SEE ALSO

gh-attestation(1)

Oct 2024 GitHub CLI v2.60.1