cleanup: update README

kbdharun · Jun 30, 2024 · 4938bef · 4938bef
1 parent 2a028e9
commit 4938bef
Showing 1 changed file with 6 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -1,12 +1,14 @@
 # dev-image
 
 [![Image](https://github.com/kbdharun/dev-image/actions/workflows/image.yml/badge.svg)](https://github.com/kbdharun/dev-image/actions/workflows/image.yml)
+![GitHub License](https://img.shields.io/github/license/kbdharun/dev-image)
+
 
 This repository contains all my development packages preinstalled inside a Container image built using [Vib](https://github.com/Vanilla-OS/Vib).
 
 ## Using the Container Image with Distrobox
 
-Type the following command to create an container of this image in [Distrobox](https://github.com/89luca89/distrobox):
+Type the following command to create a container of this image in [Distrobox](https://github.com/89luca89/distrobox):
 
 ```sh
 distrobox create -n dev -i ghcr.io/kbdharun/dev-image:main
@@ -29,13 +31,10 @@ To verify the container image using [`cosign`](https://github.com/sigstore/cosig
 cosign verify --key cosign.pub ghcr.io/kbdharun/dev-image:main
 ```
 
-## Verify Image Build Provinance Attestation
+## Verify Image Build Provenance Attestation
 
-All the image builds/pushes are attested for provenance and integrity using [`actions/attest-build-provenance`](https://github.com/actions/attest-build-provenance). They can be verfied by downloading the recent bundle from the [attestations page](https://github.com/kbdharun/dev-image/attestations) and having the latest version of [GitHub CLI](https://github.com/cli/cli/releases/latest) installed in your system. Then, execute the following command:
+All the image builds/pushes are attested for provenance and integrity using [`actions/attest-build-provenance`](https://github.com/actions/attest-build-provenance). They can be verified by having the latest version of [GitHub CLI](https://github.com/cli/cli/releases/latest) installed in your system. Then, execute the following command:
 
 ```sh
-gh attestation verify oci://ghcr.io/kbdharun/dev-image --owner kbdharun --bundle <path/to/attestation_file.sigstore.json>
+gh attestation verify oci://ghcr.io/kbdharun/dev-image:main --owner kbdharun
 ```
-
-> [!NOTE]
-> Replace the `<path/to/attestation_file.sigstore.json>` placeholder with the actual path to the downloaded attestation file.