Alexis Métaireau
Alexis Métaireau
In addition to what's already been discussed, we have been thinking about having the application point to online documentation, especially in errors for which we know that an answer exist....
In order to handle air-gapped environments, we need a format which provides the following: 1. Layer "blobs" (e.g. where the podman/docker layers are stored) 2. The cosign signatures 3. A...
The approach mentioned in the previous posts (`cosign save` && `podman load -i` with a modified `index.json`) works for `podman`, but the same approach isn't working with `docker`, unfortunately, as...
`regctl` seem to have a way to create tarballs from specific architectures. That can be used like this: (`here` is an OCI directory, as provided by `cosign save`, and the...
> replace cosign save with something like docker save && cosign download signature && tar cvf dz-image-sig.tar Yeah, it might be practical. Using `cosign save` provides us a way to...
As asked by @apyrgio out of band, here is the results of an `repro-build analyze` ([from this PR](https://github.com/freedomofpress/dangerzone/pull/1086)) on a tarball created by `cosign save`: ```bash ./dev_scripts/repro-build analyze dangerzone-airgapped.tar The...
> replace cosign save with something like docker save && cosign download signature && tar cvf dz-image-sig.tar I tried to do this today without luck. I won't report the exact...
The current take on the UX is that a single setting will be used "Check for updates and install when possible". A future version could separate checking and installing though....
We've had reports of users saying that they got a message: > [INFO] Successfully installed container image" Even though they were lacking space and the image wasn't installed. The current...
After some more investigation, it doesn't seem to be doable, because Nested Virtualization is not currently possible on the github runners, as mentioned here: > Nested-virtualization and Metal Performance Shaders...