[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] image signing and signature verification in OCP-3.6

Update: This is the correct command but it is not working at the moment, at least in my use case. The signing needs to access the image manifest but is using an internal IP instead of the public registry IP.

https://trello.com/c/2cHkrqIu/954-provide-public-pull-url-for-images

On Wed, Aug 16, 2017 at 9:22 AM, Tom McKay <thomasmckay redhat com> wrote:
And of course I immediately find some docs[1]:

$ oc adm verify-image-signature <image> --expected-identity=<pull_spec> [--save] [options]



[1] https://docs.openshift.com/container-platform/3.5/dev_guide/image_signatures.html#verifying-image-signatures-using-openshift-cli

On Wed, Aug 16, 2017 at 9:17 AM, Tom McKay <thomasmckay redhat com> wrote:
I am looking for instructions on how to verify a signature of an image pushed to OCP. I can add a signature as it is 'atomic push' to OCP but it is marked as "unverified".

Find me on #atomic for further discussion about details. I'll be sure to follow up this email with solution and other details.

Thanks!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]