policies [Sample] Add back a policy with KMS verification

[Sample] Add back a policy with KMS verification

Open chipzoller opened this issue 3 years ago • 0 comments

Problem Statement

GCPKMS verification doesn't seem to work in Kyverno 1.7.2, and owing to the breaking changes in Cosign which forced us to adopt 1.9.0 internally, earlier versions of 1.7.x do not work at all. As a result, I had to remove the image verification sample which uses GCPKMS. Once https://github.com/kyverno/kyverno/issues/4330 is resolved, we can add such a sample back.

Solution Description

Add a sample policy that illustrates how to verify an image using a GCP KMS key.

Example "Good" Resource

No response

Example "Bad" Resource

No response

Other Comments

No response

Slack discussion

No response

Troubleshooting

[X] I have read and followed the documentation AND the troubleshooting guide.
[X] I have verified the policy does not exist in the samples library.

Aug 11 '22 16:08 chipzoller

policies policies copied to clipboard

[Sample] Add back a policy with KMS verification

Problem Statement

Solution Description

Example "Good" Resource

Example "Bad" Resource

Other Comments

Slack discussion

Troubleshooting

policies
policies copied to clipboard