Actions
Story #9581
closedStory #9502: [EPIC] Contrainer Signing and Verification
As a user I can audit existing container images and verify its signatures
Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
Ticket moved to GitHub: "pulp/pulp_container/510":https://github.com/pulp/pulp_container/issues/510
There will be a separate API call that will be provided with the (1) signature verification policy config (2) public keys to verify against (3) content to verify
A follow-up question: what to do in case validation failed? There should be some steps that will take care of removing tempered content. Should this be automatic or a separate manual call?
Actions