settings validations: implement certificate chain verification

kubewarden / verify-image-signatures

A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod

https://kubewarden.io

Apache License 2.0

12 stars 9 forks source link

settings validations: implement certificate chain verification #44

Closed flavio closed 1 year ago

flavio commented 1 year ago

When using the new Certificate option, the validate_settings should ensure the certificate can be verified using the optional certificate_chain provided by the user.

See https://github.com/kubewarden/verify-image-signatures/blob/b6a1c64abfcb1f78fd20937e3b30d97ea65576b8/src/settings.rs#L108-L109

This is part of https://github.com/kubewarden/verify-image-signatures/issues/39

flavio commented 1 year ago

This depends on https://github.com/kubewarden/policy-evaluator/issues/200

viccuad commented 1 year ago

https://github.com/kubewarden/verify-image-signatures/pull/47 implements it, but missing e2e tests in a new PR.