Josh Dolitsky
Josh Dolitsky
Currently, the policy admission controller is able to block admission based on the presence of certain attestations, evaluated against some Cue code. For example, from [here](https://github.com/sigstore/cosign/blob/main/test/testdata/policy-controller/e2e/cip-requires-two-signatures-and-two-attestations.yaml#L15): ```yaml ... policy: type:...
After building the image filesystem, scan the `/var/lib/db/sbom` directory looking for files in the form: - `$package.cdx` (CycloneDX) - `$package.spdx.json` (SPDX) These files should be included during a melange build...
Would be extremely nice to add a section on the individual Helm release page (similar to pod "Resource Viewer") that creates a graphviz of all of the resources tied to...
Currently only Linux x86-64/AMD64 is supported for magician, but should support more. Possibly release separate binaries if we are still embedding the credential helpers.
Ideally, when a new version of one of the supported helpers is released, a new version of this tool is built and released, so that we do not need to...
See https://github.com/oras-project/oras-go/search?q=deis cc @shizhMSFT
Even if we have people willing to take on the role of maintainership, PRs to add these people are not even being reviewed. For example: - https://github.com/opencontainers/image-spec/pull/911 - https://github.com/opencontainers/image-spec/pull/909 I...
Hello, this is related to https://github.com/goharbor/harbor/issues/7773 (cc @reasonerjt) Harbor should introduce support for new artifact types over [OCI](https://www.opencontainers.org/). Some examples may include [Helm](https://helm.sh/) charts, [CNAB](https://cnab.io/) bundles, [OPA](https://www.openpolicyagent.org/) bundles, as well...
Maybe we can fix it by simply renaming slug to `azure-container-registry`, but this may be bigger issue cc @tianon
If I run something like the following: ``` cosign attach sbom "${REMOTE_IMAGE}" --sbom=./sbom.txt ``` and the file `sbom.txt` does not yet exist, the blob uploaded contains the literal string contents...