Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Procedure to make ostree-image-signed work as expected #35

Open
xlionjuan opened this issue Nov 4, 2024 · 0 comments
Open

Procedure to make ostree-image-signed work as expected #35

xlionjuan opened this issue Nov 4, 2024 · 0 comments

Comments

@xlionjuan
Copy link

According to /etc/containers/policy.json, only, ghcr.io/ublue-os and some RedHat sources will verify the signing key of the containers, if I didn't manually add my repo to and my pubkey to it, it will just proceed it, I tried modify policy.json and add my pubkey to system, rpm-ostree will return following error:

error: Creating importer: Failed to invoke skopeo proxy method OpenImage: remote error: A signature was required, but no signature exists

It didn't say it is incorrect, it said it isn't exists, is is because I push my image to Docker Hub?

But when I manually run cosign verify, it said my container is valid.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@xlionjuan