when --image-verify flag is enabled in verify-resource command, the command verifies not only the specified resources but also container images of those resources.
Example:
$ kubectl sigstore verify-resource deployment sample-app --image-verify
...
[RESOURCES]
KIND NAME VALID ERROR AGE
Deployment sample-app true 5d
[RESOURCES - PODS/CONTAINERS]
POD CONTAINER IMAGE ID SIGNED SIGNER
sample-app-b494cd9c8-m7lmz nginx nginx:latest@IMAGE_DIGEST true sample-signer@example.com
Signed-off-by: Hirokuni-Kitahara1 hirokuni.kitahara1@ibm.com
--image-verifyflag is enabled in verify-resource command, the command verifies not only the specified resources but also container images of those resources.Example: