Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Add verify_keyless_github_actions function #41

Closed
viccuad opened this issue May 24, 2022 · 0 comments · Fixed by kubewarden/docs#131 or #52
Closed

Feature Request: Add verify_keyless_github_actions function #41

viccuad opened this issue May 24, 2022 · 0 comments · Fixed by kubewarden/docs#131 or #52
Assignees
@viccuad
Labels
kind/enhancement

Comments

@viccuad
Copy link
Member

viccuad commented May 24, 2022

Is your feature request related to a problem?

We want to implement kubewarden/policy-fetcher#91. This is a breaking change, that will break https://github.com/kubewarden/verify-image-signatures if configured to to verify images sign via keyless in GHA.

Solution you'd like

Add a new verify_keyless_github_actions function that uses githubActionsVerifier instead of GenericIssuerSubjectVerifier to validate keyless signatures done in GHA.

We can consume that new verify_keyless_github_actions function in https://github.com/kubewarden/verify-image-signatures then.

Alternatives you've considered

If we have easyjson on the Go SDK, maybe it's simpler to provide a callback that accepts a full VerificationConfig instead.

Anything else?

No response
@viccuad viccuad self-assigned this Jun 23, 2022
@viccuad viccuad mentioned this issue Jun 24, 2022
Merged
This was referenced Jul 4, 2022
Merged
Closed
Merged
Closed
Closed
@viccuad viccuad linked a pull request Jul 8, 2022 that will close this issue
feat!: Bundle GHA info into Vec<KeylessGithubActionsInfo{}> #51
Closed
@raulcabello raulcabello mentioned this issue Jul 12, 2022
Merged
@raulcabello raulcabello linked a pull request Jul 12, 2022 that will close this issue
Add Github actions and subject prefix verification to sdk #52
Merged
@raulcabello raulcabello mentioned this issue Jul 12, 2022
Merged
@viccuad viccuad mentioned this issue Jul 13, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@viccuad viccuad

Labels
kind/enhancement
Projects
None yet
Milestone
No milestone
2 participants
@jvanz @viccuad