Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

set cosign-installer to use default (latest) cosign version #242

Merged
merged 1 commit into from
Jun 21, 2024

Conversation

aobort
Copy link
Collaborator

@aobort aobort commented Jun 20, 2024

I'd proceed with using cosign in "keyless" mode, otherwise we'll also need to deal with key management. The root cause of cosign step failures was in rotated TUF root certs:

What about adding verification how-to to README.md: I'd suggest to postpone it until next release, otherwise users might try to verify existing images which will lead to an error:

IMG=ghcr.io/aenix-io/etcd-operator:v0.2.0
cosign verify ${IMG} --certificate-identity-regexp '.*' --certificate-oidc-issuer=https://token.actions.githubusercontent.com
Error: no signatures found
main.go:69: error during command execution: no signatures found

Fixes: #60

@aobort aobort requested a review from kvaps June 20, 2024 19:36
@aobort aobort enabled auto-merge June 21, 2024 07:02
@aobort aobort merged commit 468c477 into aenix-io:main Jun 21, 2024
9 checks passed
@aobort aobort deleted the fix/cosign branch June 21, 2024 11:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Configure cosign
3 participants