New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Cosign and Sigstore to sign the images that are in the registry #47

Open

rcarrata opened this issue Dec 16, 2021 · 3 comments

Labels

Owner

rcarrata commented Dec 16, 2021

https://github.com/sigstore/cosign#registry-support

Possible Issue: Quay needs to be used, because the OCP Internal registry it's not supported.

rcarrata added the enhancement label

Owner Author

rcarrata commented Jun 5, 2022

Added in ACS the possibility to check directly the Cosign Image -> https://openshift-docs-i4nuv2png-kcarmichael08.vercel.app/openshift-acs/master/operating/verify-image-signatures.html#configure-signature-integration_verify-image-signatures

Contributor

MoOyeg commented Jul 8, 2022

Started this feature- https://github.com/MoOyeg/devsecops-demo.git. I will push when complete.

Owner Author

rcarrata commented Jul 8, 2022

great!!! thanks for your work @MoOyeg++ !!

MoOyeg mentioned this issue

Added Feature for Image and Pipeline Signing #56

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment