ratify
ratify copied to clipboard
ratify-project
Artifact Ratification Framework
### What happened in your environment? The Azure e2e tests fail on the main branch intermittently. The new test clean up stage seems to run concurrently to the actual test...
### What would you like to be added? We already have issues(https://github.com/deislabs/ratify/issues/963, https://github.com/deislabs/ratify/issues/972) tracking it for external data requests. This issue is for tracking the same functionalities in CRD management....
### What would you like to be added? OCI Artifact has been removed from OCI Image spec 1.1.0 rc.2 and onwards. Ratify should no longer support this. We have set...
### What would you like to be added? Ratify plans to add support for multiple auth providers the ORAS referrer store. Each auth provider will be selected via a regex/prefix...
This could be either alongside or in replacement to the current plugin system. Let's discuss further gRPC vs HTTP(s) and which we'd prefer. This supports K8s-native function and allows for...
### What happened in your environment? When I create two store cr in my cluster. The first one is empty auth provider. The second is azure workload identity. My verification...
### What would you like to be added? The default Ratify installation relies on a single Ratify pod processing all requests. For higher performance and availability requirements, Ratify can be...
### What would you like to be added? Certificate revocation is a process in which a certificate is deemed invalid before the end of its lifecycle. Here are some reasons:...
I tried to use Notation and the local registry (CNCF distribution/distribution) with Ratify to verify a signed image on K3s and Minukube, but the verification failed. The error logs from...
### What would you like to be added? [HashiCorp Vault KMS plugin](https://github.com/notaryproject/notation-hashicorp-vault) will be available to use with Notation so that users can sign OCI artifacts using the signing key...