Closed amartin120 closed 1 year ago
@chaospuppy After doing some additional homework on retrieving a dict
from a list
, I'm still happy with my use of next
as it uses an iterator as an internal implementation, which is faster than generic methods. Not that speed is incredibly important for such a small list. I'm more than happy to discuss other options though.
https://www.geeksforgeeks.org/python-find-dictionary-matching-value-in-list/?ref=lbp (Method #2)
Here's the equivalent if I had to rewrite it.
cosign_registry = None
for item in self.cosign_registries:
if item.get("registry") == source.registry() and (
item.get("repo") is None
or item.get("repo") == source.repo().split("/")[0]
):
cosign_registry = item
break
@chaospuppy after merging your suggestions, I had to make some additional changes in order to get this to actually work for my testing. Any additional thoughts?
LGTM @amartin120 ! Sorry for the delay
So how's this for an idea @chaospuppy? Instead of passing the cosign key path via an arg, what about adding a cosign block to the
images.yaml
like below. You'd still need to make sure that you mounted in the keys, but this could handle our "optional" problem along with allowing for multiple registries/keys. Thoughts?TODO:
repo:
be able to include more of the image path where relevant? i.e. for cases like{registry}/{repo}/anchore
if for some reason that was signed with a different key?