Project

Profile

Help

Story #9510

Story #9502: [EPIC] Contrainer Signing and Verification

As a user I can host container image signatures

Added by ipanova@redhat.com 13 days ago. Updated 1 day ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Signatures that were:

  • mirrored from remote source
  • produced by Pulp Container Registry
  • pushed into Pulp Container Registry by clients

will be available at the signature extensions API.

Add new Signature model which will have many to one relationship to the Manifest. On manifest deletion, it's signatures will be also removed.

Q: store the signature in the DB ( it is a json file) or as an artifact?

Q: store the signature as manifests part of docker v2 api ( make it cosign like, but skopeo/podman do not support that yet) we will not support this for now

History

#1 Updated by ipanova@redhat.com 13 days ago

  • Description updated (diff)

#2 Updated by ipanova@redhat.com 13 days ago

  • Description updated (diff)

#3 Updated by ipanova@redhat.com 7 days ago

  • Description updated (diff)

#4 Updated by ipanova@redhat.com 7 days ago

  • Description updated (diff)

#5 Updated by ipanova@redhat.com 1 day ago

  • Description updated (diff)

Please register to edit this issue

Also available in: Atom PDF