You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Only fetch the attachment config if we actually have a new signature to add (and if we continue to update the DiffID list).
Only upload an updated attachment config and manifest if we added at least one new signature.
Use private.UnparsedImage.UntrustedSignatures, not types.UnparsedImage.Signatures, throughout c/image/signature so that non-simple signatures are not silently ignored on some code paths, and the code at least logs that they were not considered.
Consider accepting any of a set of public keys
Consider allowing remapIdentity to do repo-only matching.
Pass the copy.Image report writer and/or progress bar objects to transports, use that for reporting attachment reads/writes
Do we actually need to add layers to the attachment config’s DiffIDs array?
Captured from PRs
private.UnparsedImage.UntrustedSignatures
, nottypes.UnparsedImage.Signatures
, throughoutc/image/signature
so that non-simple signatures are not silently ignored on some code paths, and the code at least logs that they were not considered.remapIdentity
to do repo-only matching.copy.Image
report writer and/or progress bar objects to transports, use that for reporting attachment reads/writesDiffIDs
array?isManifestUnknown
from Add support for reading and writing Cosign attachments to c/image/docker #1595 against various registries?cosign sign
without--recursive
)The text was updated successfully, but these errors were encountered: