search

goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0
23.86k stars 4.74k forks source link

Notary multisignature #10297

Closed dar9468 closed 4 years ago

dar9468 commented 4 years ago

Hello!

I would like to know how it is possible to create certificates for each user so that notaries check. By default there is only one certificate.

ywk253100 commented 4 years ago

Don't get your point, could you explain it with more detail?

dar9468 commented 4 years ago

I need each user to have their own signature

dar9468 commented 4 years ago

After creating user certificates based on rutovye from harbor, docker images are signed only root Screenshot from 2019-12-18 13-14-27

dar9468 commented 4 years ago

Screenshot from 2019-12-18 13-21-49

dar9468 commented 4 years ago

Login was made with this use

dar9468 commented 4 years ago

After added DOCKER_CONTENT_TRUST and DOCKER_CONTENT_TRUST_SERVER Screenshot from 2019-12-18 13-28-26

dar9468 commented 4 years ago

Config Harbor: Screenshot from 2019-12-18 13-31-41

dar9468 commented 4 years ago

It seems the problem has been resolved, but now the question is how in (Notari) Harbor you can delete the initialization keys. The keys were deleted from the local machine. And now the error

ERRO[0000] couldn't remove target from targets: could not find necessary signing keys, at least one of these keys must be available