Azurite icon indicating copy to clipboard operation
Azurite copied to clipboard

Published 20 hours ago verified publisher icon Azure

Is there signed version of this image?

Open QianYC opened this issue 1 year ago • 7 comments

Hi team,

I'm Microsoft internal user, I'm using this image to support our timer triggered azure functions hosted in AKS. We enforce image integrity on the cluster via ratify, which refused to deploy this azurite image because it lacks valid signature. I wonder if you could offer a ESRP signed version of this image?

Thanks!

QianYC avatar Nov 02 '23 07:11 QianYC

@QianYC

Would you please indicate where do you get Azurite? npm/Docker/ VS(exe) or docker?

blueww avatar Nov 02 '23 07:11 blueww

@blueww I get azurite from MCR: mcr.microsoft.com/azure-storage/azurite:latest

QianYC avatar Nov 02 '23 08:11 QianYC

Hi @QianYC , See your requirement here. I'll need to take a look into docker image signing process. Will get back to you with any update.

EmmaZhu avatar Nov 03 '23 02:11 EmmaZhu

Hi @EmmaZhu, I wonder if there is any update? Thanks!

QianYC avatar Nov 14 '23 04:11 QianYC

Hi @QianYC ,

I still cannot figure out the way to sign docker image with ESRP. I see a work item for ESRP team to support signing docker images but still not resolved.

I have taken a look into ratify, seems it supports to sign docker image with a private key which ESRP won't share to individuals.

Now I'm stuck here. If you are aware of a way to sign docker image, can you share with us? Really appreciate any help.

Thanks Emma

EmmaZhu avatar Nov 16 '23 07:11 EmmaZhu

@EmmaZhu yes I did find some docs regarding how to use ESRP to sign container images. I'm not sure if it's ok to share the link here, could you tell me your alias so that I can ping you in person? Thanks!

QianYC avatar Nov 16 '23 07:11 QianYC

My alias is emmazhu.

EmmaZhu avatar Nov 16 '23 08:11 EmmaZhu