-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add cosign signature verification for plugin inventory image to ensur…
…e integrity of plugins -Added signature verification of plugin inventory(DB) image to ensure the integrity of plugin downloaded and installed from the repository - Also embedded the default public key in the CLI required to verify the cosign signature - If the signature verification fails, CLI would show the warning message but would not throw error and users can choose to skip this validation by setting the environment variable SKIP_PLUGIN_METADATA_SIGNATURE_VERIFY Signed-off-by: Prem Kumar Kalle <pkalle@vmware.com>
- Loading branch information
Showing
9 changed files
with
1,440 additions
and
385 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.