We'd like to implement image signing for our imagestreams. We are unable to use `atomic cli` or skopeo to sign the images since we support other OS's and not just rpm based distros.
There seems to be a way to write signatures using the registry API as written here: https://docs.openshift.com/container-platform/3.9/admin_guide/image_signatures.html#accessing-image-signatures-using-registry-api My question is about the signature.json payload. How is this file generated? Do we still need to sign the images first using `atomic cli` or skopeo? Is there a more generic way of signing the image streams? { "version": 2, "type": "atomic", "name": "sha256:4028782c08eae4a8c9a28bf661c0a8d1c2fc8e19dbaae2b018b21011197e1484@cddeb7006d914716e2728000746a0b23", "content": "<cryptographic_signature>" }
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
