Closed mhatrevi closed 1 month ago
I think this also needs the commands documented in the runtime readme
This is pretty hard to review as-is. Would you be able to split up this change as:
- RT spec change
- auth manifest tool
- Runtime commands for using auth manifest
I think these are all pretty independent of each other
Not sure how that reduces the complexity of the review. These changes are related to each other and IMO, should be in a single PR. For ease of code review, I would suggest the following order of folders to review:
Just 2 opens in previous comments (should dpe_result be added to AuthorizeAndStash response, can we add the command and response args to the RT readme?)
Added the commands to RT Readme. For the DPE result, deferring to John for guidance.
This PR will be broken down into the following two tasks:
Closing this PR as such.
This change contains the Manifest based Image Authorization feature. Design document: https://docs.google.com/document/d/1BofLEAzeszgAGVcaEjTxM7tDxwIq9KhVXuqGUlrg1sc/edit#heading=h.z8ehugjyw5jp