Open onzyone opened 2 years ago
I have no idea how to do this yet ... but we need to find a way within the cluster to stop images that are not signed with cosign from deploying ... maybe look at opa ?? or maybe cosign has a crd or mutated webhook for this ... not sure :D
I have no idea how to do this yet ... but we need to find a way within the cluster to stop images that are not signed with cosign from deploying ... maybe look at opa ?? or maybe cosign has a crd or mutated webhook for this ... not sure :D