shuting
shuting
> We also want to make sure we cover this with kuttl tests. Logged https://github.com/kyverno/kyverno/issues/5307.
/cherry-pick release-1.8
> @realshuting is this targeting 1.8.2 ? Yes.
Are we still targeting this for 1.8.2?
/cherry-pick relaese-1.8
/cherry-pick release-1.8
Hi @praddy26 - the codefreeze for 1.8.2 starts this Friday Nov 11th, are you able to send the PR before it so that we can start the review process?
From my understanding, this is what Jim suggested - verify `attestations` for each `attestors` entry: ```yaml verifyImages: - imageReferences: - "ghcr.io/chipzoller/zulu:*" attestors: - entries: - keyless: subject: "https://github.com/chipzoller/zulu/.github/workflows/slsa-generic-keyless.yaml@refs/tags/v*" issuer: "https://token.actions.githubusercontent.com"...
Got clarification from Jim, @praddy26 you are right, we will need something like this as you proposed https://github.com/kyverno/kyverno/issues/4847#issuecomment-1312492037. Let's meet and discuss next steps to unblock 1.8.2.
Based on the discussion in the contributors meeting (Nov 16th 2022), we have changed the design. Will work on the proposal and share with the community.