UNCLASSIFIED - NO CUI

Skip to content

Update Image Signature policy

Michael McLeroy requested to merge 22/signature-test into main
  • The signature parameter key/values changed upstream. Updated the default values/test-values to align with the latest format.
  • Added IronBank signature checking to test-values (we want to know if this doesn't work in our testing)
  • Turned on the signature policy in test-values so it would be checked
  • Turned off digest verification and mutation for IronBank (we don't want the tag converted to a SHA since IronBank rebuilds images nightly)
  • Added test vector to cover non-signed, non-verified image since IronBank images are signed/verified now.

Related to #22 (closed)

Edited by Michael McLeroy

Merge request reports