From 140e99278bc3602784efad0deefc2ae9409ec40e Mon Sep 17 00:00:00 2001 From: gerblesh <101901964+gerblesh@users.noreply.github.com> Date: Mon, 24 Jul 2023 16:08:25 -0700 Subject: [PATCH] fix: remove old signing config, using the one from the config repo instead (#124) --- usr/etc/containers/policy.json | 74 --------------------- usr/etc/containers/registries.d/cosign.yaml | 3 - 2 files changed, 77 deletions(-) delete mode 100644 usr/etc/containers/policy.json delete mode 100644 usr/etc/containers/registries.d/cosign.yaml diff --git a/usr/etc/containers/policy.json b/usr/etc/containers/policy.json deleted file mode 100644 index aa4e3ee162..0000000000 --- a/usr/etc/containers/policy.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "default": [ - { - "type": "reject" - } - ], - "transports": { - "docker": { - "registry.access.redhat.com": [ - { - "type": "signedBy", - "keyType": "GPGKeys", - "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" - } - ], - "registry.redhat.io": [ - { - "type": "signedBy", - "keyType": "GPGKeys", - "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" - } - ], - "ghcr.io/ublue-os": [ - { - "type": "sigstoreSigned", - "keyPath": "/usr/etc/pki/containers/cosign.pub", - "signedIdentity": { - "type": "matchRepository" - } - } - ], - "": [ - { - "type": "insecureAcceptAnything" - } - ] - }, - "docker-daemon": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - }, - "atomic": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - }, - "dir": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - }, - "oci": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - }, - "tarball": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - } - } -} diff --git a/usr/etc/containers/registries.d/cosign.yaml b/usr/etc/containers/registries.d/cosign.yaml deleted file mode 100644 index 24b197fa1a..0000000000 --- a/usr/etc/containers/registries.d/cosign.yaml +++ /dev/null @@ -1,3 +0,0 @@ -docker: - ghcr.io/ublue-os: - use-sigstore-attachments: true