Story #1146: As a user, I am assured that Pulp is downloading trusted manifests - Docker Support

Actions

Send by e-mail Copy link

Story #1146

closed

As a user, I am assured that Pulp is downloading trusted manifests

Added by rbarlow almost 9 years ago. Updated about 5 years ago.

Status:

CLOSED - WONTFIX

Priority:

Normal

Assignee:

Start date:

Due date:

% Done:

Estimated time:

Platform Release:

Target Release - Docker:

Groomed:

Sprint Candidate:

Tags:

Pulp 2

Sprint:

Quarter:

Description

The v2 manifest[0] has support for cryptographic signatures. For this story, we need to learn how those signatures work and add support to the importer to verify the signatures of the downloaded manifests.

Deliverables:

Add support to the importer to validate the signatures
Consider whether this validation should be optional
Add support to pulp-admin
Documentation
Tests

[0] https://github.com/docker/distribution/blob/release/2.0/docs/spec/manifest-v2-1.md

Actions

Send by e-mail Copy link

Also available in: Atom PDF

Project

Profile

Help

Docker Support

Agile boards

Custom queries

Story #1146

As a user, I am assured that Pulp is downloading trusted manifests

Updated by rbarlow over 8 years ago

Updated by rbarlow about 8 years ago

Updated by mhrivnak almost 8 years ago

Updated by bmbouter about 5 years ago

Updated by bmbouter about 5 years ago

Updated by bmbouter about 5 years ago