Susan Shi
Susan Shi
Hi, A follow up question, if the customer define a new SecretProviderClass CR at runtime to specify a new keyvault cert, if this new cert needs to be mounted to...
We have to continue supporting this until 2.0. Create 2.0 milestone and make deprecation announcement in current release.
Move to 1.1
thanks for bringing this up @sozercan. Do you think the SLSA provenance store/verifier experience will be similar to the [spdx ](https://github.com/deislabs/ratify/blob/main/docs/working-with-spdx.md) example? In the spdx example, the spdx verifier configuration...
Hi @sozercan ,we had a discussion around this item in our community meeting. We have a [item](https://github.com/deislabs/ratify/issues/35) tracking OPA policy integration. We want to build a general json verifier based...
We also discussed another [passthrough](https://github.com/deislabs/ratify/issues/171) option where ratify can return a report and keep the decision in keep based on rego policy
This would make debugging verifier significantly easier. Would be great to have data on performance comparison between subprocess ( current) / gRPC/ HTTPS to understand performance implication.
When notation and cosign are both configured, there is a few options how the policy behaves ( 1. i want to make sure notation and cosign signature exist , 2...
Discussed in PR review meeting today, we can add a flag in ratify helm chart to disable notation verifier. But at least 1 BUILT IN verifier must be configured, the...
Hi @binbin-li , can you confirm this will address as apart of error message improvements in 1.3?