Markus Rudy

icon indicating a website link https://rudymentaer.de

icon location Augsburg, Germany icon location Container Orchestrator

Results 45 comments of Markus Rudy

[Lib] Implement net builtins

Thanks all, that's great! I'm mostly interested in `net.cidr_contains` - looking forward to it...

proposal: tighten digest verification requirements for clients

> Would container image signature schemes such as `cosign` or `notation` not work for you? @rchincha: Thanks for pointing this out, I forgot to mention it in the use case....

policy: fix allow_var rule for sandbox-name

Looks like we merged this as https://github.com/kata-containers/kata-containers/commit/1e466bf39c267ab81bcdec6a34d006b0b494a352, right?

image pulling does not validate digests

Yes, and I think it should be two checks: 1. Does the `Docker-Content-Digest` match the returned body? 2. Does the requested digest match the actual digest? For (2), the spec...

image pulling does not validate digests

Fyi, I proposed a clarification for the distribution spec in https://github.com/opencontainers/distribution-spec/issues/549.