-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Command 'podman image trust set' does not set signedIdentity for type sigstoreSigned #16624
Comments
@cdoern PTAL |
A friendly reminder that this issue had no activity for 30 days. |
@cdoern @vrothberg PTAL |
I can take care of fixing but want @mtrmac's pair of eyes before on the issue. |
IMHO |
A friendly reminder that this issue had no activity for 30 days. |
@mtrmac Reminder |
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Command
podman image trust set
does not setsignedIdentity
for typesigstoreSignedBy
. User needs to manually update /etc/containers/policy.json and set the parameter.Also the command should be consistent with the policy file type.
Command type: sigstoreSignedBy
Policy file type: sigstoreSigned
Steps to reproduce the issue:
podman image trust set --type sigstoreSignedBy --pubkeysfile <public key file path> <registry>
Entry in
/etc/containers/policy.json
created/etc/containers/policy.json
is necessaryDescribe the results you received:
Content trust for registry fails unless policy file is manually updated.
Describe the results you expected:
According to https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md
sigstoreSigned images require signedIdentity to be set to matchRepository or exactRepository
The command should set one automatically or allow setting signedIdentity parameters.
Additional information you deem important (e.g. issue happens only occasionally):
Output of
podman version
:Output of
podman info
:Package info (e.g. output of
rpm -q podman
orapt list podman
orbrew info podman
):Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)
Yes
Additional environment details (AWS, VirtualBox, physical, etc.):
Locally running podman installation.
The text was updated successfully, but these errors were encountered: