mikesplain / openvas-docker

A Docker container for Openvas
MIT License
768 stars 305 forks source link

Sign docker images on dockerhub #137

Closed rhuddleston closed 2 months ago

rhuddleston commented 7 years ago

$ export DOCKER_CONTENT_TRUST=1 $ docker pull mikesplain/openvas:9 Error: remote trust data does not exist for docker.io/mikesplain/openvas: notary.docker.io does not have trust data for docker.io/mikesplain/openvas

Any chance you could sign your images with notary for dockerhub?

roman-vynar commented 7 years ago

It would be great if the image for a security tool in particular is signed.

mikesplain commented 7 years ago

That's a great suggestion, that said we use auto builds on docker hub. As far as I know they don't support signing? If @rhuddleston or @roman-vynar has suggestions, I'm open to it.

roman-vynar commented 6 years ago

Yea, it's not supported with auto-builds but as long as the releases are not often, it may be ok pushing by some other mean of automation. From my side, I can provide the brief instructions how to achieve image signing using Docker Hub Notary. You would need to keep a copy of the keys and passphrases to use when pushing a new image.