intoto start

Snapshot input files at the beginning of a pipeline step

Synopsis

Record the cryptographic hashes of all input files (materials) before a pipeline step runs.

Use this when your step is not a single command — for example, a multi-line build script. Call 'intoto start' before the step and 'intoto stop' after it. The pair together produce a signed in-toto link that proves which files went in and which came out.

If your entire step is a single command, use 'intoto run' instead.

Examples

Options

Options inherited from parent commands

Have feedback? We want to hear from you!

Fields marked with * are required