From a1b0c5a64be81f7c7a24c57a50eb34a88fa3c5d6 Mon Sep 17 00:00:00 2001
From: Hayden <haydentherapper@users.noreply.github.com>
Date: Wed, 19 Nov 2025 10:40:11 -0800
Subject: [PATCH] Update instructions for using staging environment

This updates how to use the staging environment with Cosign v3. We should probably provide a `--staging` flag to simplify this as well.

Signed-off-by: Hayden <haydentherapper@users.noreply.github.com>
---
 content/en/cosign/system_config/public_deployment.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/content/en/cosign/system_config/public_deployment.md b/content/en/cosign/system_config/public_deployment.md
index 6405fe8b..aa15dcd3 100644
--- a/content/en/cosign/system_config/public_deployment.md
+++ b/content/en/cosign/system_config/public_deployment.md
@@ -30,12 +30,13 @@ To use this instance, follow the steps below:
 1. `rm -r ~/.sigstore`
 1. `curl -O https://raw.githubusercontent.com/sigstore/root-signing-staging/main/metadata/root_history/1.root.json`
 1. `cosign initialize --mirror=https://tuf-repo-cdn.sigstage.dev --root=1.root.json`
-1. `cosign sign --oidc-issuer "https://oauth2.sigstage.dev/auth" --fulcio-url "https://fulcio.sigstage.dev" --rekor-url "https://rekor.sigstage.dev" ${IMAGE_DIGEST}`
-1. `cosign verify --rekor-url "https://rekor.sigstage.dev" ${IMAGE} --certificate-identity=name@example.com --certificate-oidc-issuer=https://accounts.example.com`
+1. `curl -O https://raw.githubusercontent.com/sigstore/root-signing-staging/refs/heads/main/targets/signing_config.v0.2.json`
+1. `cosign sign --signing-config signing_config.v0.2.json ${IMAGE_DIGEST}`
+1. `cosign verify --certificate-identity=name@example.com --certificate-oidc-issuer=https://accounts.example.com ${IMAGE}`
 
-* Steps 1-3 configure your local environment to use the staging keys and certificates.
-* Step 4 specifies the staging environment with flags needed for signing.
-* Step 5 specifies the staging environment with flags needed for verifying.
+* Steps 1-4 configure your local environment to use the staging keys and certificates, along with the service URLs.
+* Step 5 specifies the staging environment with flags needed for signing.
+* Step 6 specifies the staging environment with flags needed for verifying.
 
 #### Revert Back to Production