In the Notation Verify action, users have to manually configure the trust policy and trust store in the workflow file and store the trustpolicy.json and public certificate in the GitHub repository or other shared place.
This is cumbersome for CI/CD users. I think we should be able to simplify the trust policy and trust store setup for notation verify action if these three enhancements are supported by Notation:
In the Notation Verify action, users have to manually configure the trust policy and trust store in the workflow file and store the
trustpolicy.jsonand public certificate in the GitHub repository or other shared place.This is cumbersome for CI/CD users. I think we should be able to simplify the trust policy and trust store setup for
notation verifyaction if these three enhancements are supported by Notation:The ultimate experience would be execute
notation verifyactions only without additional trust policy and trust store configuration in separate steps.