Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verifying images using a generated public key #18

Open
Anna-Katona opened this issue Jul 11, 2022 · 1 comment
Open

Verifying images using a generated public key #18

Anna-Katona opened this issue Jul 11, 2022 · 1 comment
Labels
enhancement New feature or request

Comments

@Anna-Katona
Copy link

Description

Hi!

We'd like to have an opportunity to pass our own Cosign public key generated with cosign generate-key-pair to the provider. To use it the same way as 'cosign verify --key ...’

Expectations:

  1. Generate a key pair using cosign generate-key-pair
  2. Sign an image
  3. Create a k8s secret/configmap for cosign.pub
  4. Pass the secret/configmap to cosign-gatekeeper-provider deployment
  5. Verify the images using the public key
@Anna-Katona Anna-Katona added the enhancement New feature or request label Jul 11, 2022
@rajatrj16
Copy link

Hi, I am also looking for something similar if there is a way or in the roadmap please add updates to this issue.
I was looking at this repo and it looks like more of a demo and deprecated with gatekeeper version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Anna-Katona @rajatrj16