From a43e05055aa51b5e378e56eae03a46a08a89db64 Mon Sep 17 00:00:00 2001
From: Luke Hinds <7058938+lukehinds@users.noreply.github.com>
Date: Mon, 23 Nov 2020 20:13:41 +0000
Subject: [PATCH] README updates (#50)

* README updates

Details on how to build the server and verify amendments
---
 README.md | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 53 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 95f98c6..0c2aa0b 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,11 @@ RekÃ³r - Greek for â€œRecordâ€
 
 Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain.  Rekor will enable software maintainers and build systems to record signed metadata to an immutable record. Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's life-cycle, based on signed metadata stored within a tamper proof binary (merkle) tree.
 
-Rekor requires a running instance of the [rekor-server](https://github.com/projectrekor/rekor-server).
+## Build Rekor CLI
+
+From `rekor/cmd/server`
+
+`go build -o rekor`
 
 ## Sign your release
 
@@ -45,7 +49,54 @@ The `verify` command sends your public key / signature and artifcate URL to the
 You would typically use this command as a means to  verify an 'inclusion proof'
 in that your artifact is stored within the transparency log.
 
-`rekor-cli upload --signature <artifact-signature> --public-key <your_public_key> --artifact-url <url_to_artifact>`
+`rekor verify --signature <artifact-signature> --public-key <your_public_key> --artifact-url <url_to_artifact>`
+
+* alternatively you can use a local artifact with `--artifact-url` path
+
+# Run a rekor server
+
+## Create Database and populate tables
+
+Trillian requires a database, we use MariaDB for now (others to be explored later). Once this
+is installed on your machine edit the `scripts/createdb.sh` with your database root account credentials and run the script.
+
+## Build Trillian
+
+To run rekor you need to build trillian
+
+```
+go get github.com/google/trillian.git
+go build ./cmd/trillian_log_server
+go build ./cmd/trillian_log_signer
+
+```
+
+### Start the tlog server
+
+```
+trillian_log_server -http_endpoint=localhost:8090 -rpc_endpoint=localhost:8091 --logtostderr ...
+```
+
+### Start the tlog signer
+
+```
+trillian_log_signer --logtostderr --force_master --http_endpoint=localhost:8190 -rpc_endpoint=localhost:8191  --batch_size=1000 --sequencer_guard_window=0 --sequencer_interval=200ms
+```
+
+## Build Rekor Server
+
+From `rekor/cmd/server`
+
+`go build -o rekor-server`
+
+## Start the rekor server
+
+```
+./rekor-server serve
+2020-09-12T16:32:22.705+0100	INFO	cmd/root.go:87	Using config file: /Users/lukehinds/go/src/github.com/projectrekor/rekor-server/rekor-server.yaml
+2020-09-12T16:32:22.705+0100	INFO	app/server.go:55	Starting server...
+2020-09-12T16:32:22.705+0100	INFO	app/server.go:61	Listening on 127.0.0.1:3000
+```
 
 ## Contributions
 
-- 
GitLab