Philipp Belitz

The more I look into it, the less trivial this issue seems to be ... let me outline you the problem as much as I have grasped it by now:...

Hi there! Thank you very much for the issue. The reason we don't support `rsa`, `rsa-x509` and `ecdsa-x509` (yet) is because the default key generation using Docker Content Trust only...

be aware of this: https://github.com/sse-secure-systems/connaisseur/pull/969#discussion_r1159669738

This is expected behavior. The webhooks need to be installed after the Connaisseur deployment, otherwise they may block Connaisseur itself. This only works with helm hooks, but using them the...

@timothy-spencer i will have a look next week 🥸

Hello 👋 That is probably the case because we have two webhooks defined, that are meant to overwrite eachother. But I guess this only works for helm installation, since we...

Huh, ok. I introduced a new field inside the helm/values.yaml called `argoCDDeployment` (set to true for now).That should make sure only a single webhook gets deployed. Please try again.

Short answer: That's a standard issue of strict admission controllers (which connaisseur is). They are not suited for restarting of clusters and should be uninstalled/disabled before restarting. Long answer: The...

That's a fairly specific usecase. Multiple options: 1. Write a CronJob that automatically uninstalls and installs Connaisseur at given times. Do this before stopping the cluster and shortly after restarting....

Hey @carlsoane ! Thank you for the issue! If you are able to retrieve the JWT manually, did you also try to access `https://notary-test.repositories.cloud.mycompany/v2/mycomponent-dss-poc.common.repositories.cloud.mycompany/busybox-test/_trust/tuf/targets.json` using the token? Does that also...