Resolve Secrets from CIP into ConfigMap #1573
Assignees
Labels
enhancement
New feature or request
Comments
|
I'd vote for using an array of SecretRefs and expecting |
vaikas
added a commit
to vaikas/cosign
that referenced
this issue
Mar 11, 2022
Use tracker to keep track of changes to secrets, for example if a secret doesn't exist initially, once it shows up. Tested obvs with UT but also tested on a real cluster that the tracker is keeping track of changes to secrets. Fix sigstore#1573 Signed-off-by: Ville Aikas <[email protected]>
vaikas
added a commit
to vaikas/cosign
that referenced
this issue
Mar 11, 2022
Use tracker to keep track of changes to secrets, for example if a secret doesn't exist initially, once it shows up. Tested obvs with UT but also tested on a real cluster that the tracker is keeping track of changes to secrets. Fix sigstore#1573 Signed-off-by: Ville Aikas <[email protected]>
vaikas
added a commit
to vaikas/cosign
that referenced
this issue
Mar 11, 2022
Use tracker to keep track of changes to secrets, for example if a secret doesn't exist initially, once it shows up. Tested obvs with UT but also tested on a real cluster that the tracker is keeping track of changes to secrets. Fix sigstore#1573 Signed-off-by: Ville Aikas <[email protected]>
dlorenc
pushed a commit
that referenced
this issue
Mar 11, 2022
Use tracker to keep track of changes to secrets, for example if a secret doesn't exist initially, once it shows up. Tested obvs with UT but also tested on a real cluster that the tracker is keeping track of changes to secrets. Fix #1573 Signed-off-by: Ville Aikas <[email protected]>
mlieberman85
pushed a commit
to mlieberman85/cosign
that referenced
this issue
May 6, 2022
…1595) Use tracker to keep track of changes to secrets, for example if a secret doesn't exist initially, once it shows up. Tested obvs with UT but also tested on a real cluster that the tracker is keeping track of changes to secrets. Fix sigstore#1573 Signed-off-by: Ville Aikas <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As a follow on to #1562 we need to read the Secrets (which are really just public keys in this use case) and add them into the config-image-policies ConfigMap.
There's couple of questions about this. If a Secret has multiple keys in it, should we cat them all into a single
dataentry in the fields. Related,is it meant that this field can hold multiple keys or just a single key?https://github.com/sigstore/cosign/blob/main/pkg/apis/cosigned/v1alpha1/clusterimagepolicy_types.go#L94
The text was updated successfully, but these errors were encountered: