SkygearIO / features

Feature Tracking Repo for Skygear

Apache License 2.0

3 stars 12 forks source link

Open chpapa opened 5 years ago

chpapa commented 5 years ago

Description

A feature issue for internal audit of our measures to ensure Docker Image integrity.

References:

Usage of Docker Content Trust / notary (which is based on tuf at docker images update/acceptance?

carmenlau commented 5 years ago

Did some research about enabling docker content trust in k8s. There is no native way to enable docker content trust in k8s. https://github.com/kubernetes/kubernetes/issues/30603

And the images in k8s.gcr.io are not signed too. So we cannot enable docker content trust for the whole cluster... https://github.com/kubernetes/kubernetes/issues/63704