This repository has been archived by the owner on Jul 7, 2022. It is now read-only.
Sign all container images #65
Comments
|
We are using several external dependencies in the form of helm charts, each of them with its own image(s). We could try to do it for our images, namely the default docker parity/polkadot, not sure if it is being signed now. If so, we would need to make the signing public key available to the k8s worker nodes and define a docker policy in each of them. I'll check if this is possible in the managed kubernetes we are using at the moment and post back here. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
All container images should be signed, and the commands that download them need to check the signatures.
The text was updated successfully, but these errors were encountered: