diff --git a/api/kyverno/v1/image_verification_types.go b/api/kyverno/v1/image_verification_types.go index 40b4f5f974..53b83f96a0 100644 --- a/api/kyverno/v1/image_verification_types.go +++ b/api/kyverno/v1/image_verification_types.go @@ -262,7 +262,7 @@ type KeylessAttestor struct { type Rekor struct { // URL is the address of the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. - // +kubebuilder:validation:Required + // +kubebuilder:validation:Optional // +kubebuilder:Default:=https://rekor.sigstore.dev URL string `json:"url" yaml:"url"` diff --git a/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml b/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml index a1a6a118b5..7f9d46ec7e 100644 --- a/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml +++ b/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_clusterpolicies.yaml @@ -3091,8 +3091,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3147,8 +3145,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3217,8 +3213,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3498,8 +3492,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3554,8 +3546,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3624,8 +3614,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3863,8 +3851,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3918,8 +3904,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3987,8 +3971,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7276,8 +7258,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7332,8 +7312,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7402,8 +7380,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7687,8 +7663,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7745,8 +7719,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7818,8 +7790,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8059,8 +8029,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8115,8 +8083,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8185,8 +8151,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11297,8 +11261,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11353,8 +11315,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11423,8 +11383,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11693,8 +11651,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11749,8 +11705,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11819,8 +11773,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12058,8 +12010,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12113,8 +12063,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12182,8 +12130,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15456,8 +15402,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15512,8 +15456,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15582,8 +15524,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15867,8 +15807,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15925,8 +15863,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15998,8 +15934,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16239,8 +16173,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16295,8 +16227,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16365,8 +16295,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml b/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml index 9d9bb4bd72..c85c7343d7 100644 --- a/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml +++ b/charts/kyverno/charts/crds/templates/kyverno.io/kyverno.io_policies.yaml @@ -3092,8 +3092,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3148,8 +3146,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3218,8 +3214,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3499,8 +3493,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3555,8 +3547,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3625,8 +3615,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3864,8 +3852,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3919,8 +3905,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3988,8 +3972,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7278,8 +7260,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7334,8 +7314,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7404,8 +7382,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7689,8 +7665,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7747,8 +7721,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7820,8 +7792,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8061,8 +8031,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8117,8 +8085,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8187,8 +8153,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11300,8 +11264,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11356,8 +11318,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11426,8 +11386,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11696,8 +11654,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11752,8 +11708,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11822,8 +11776,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12061,8 +12013,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12116,8 +12066,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12185,8 +12133,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15459,8 +15405,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15515,8 +15459,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15585,8 +15527,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15870,8 +15810,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15928,8 +15866,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16001,8 +15937,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16242,8 +16176,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16298,8 +16230,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16368,8 +16298,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml b/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml index c8b9392c97..0cd7ad01c5 100644 --- a/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml +++ b/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_clusterpolicies.yaml @@ -3085,8 +3085,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3141,8 +3139,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3211,8 +3207,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3492,8 +3486,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3548,8 +3540,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3618,8 +3608,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3857,8 +3845,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3912,8 +3898,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3981,8 +3965,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7270,8 +7252,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7326,8 +7306,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7396,8 +7374,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7681,8 +7657,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7739,8 +7713,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7812,8 +7784,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8053,8 +8023,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8109,8 +8077,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8179,8 +8145,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11291,8 +11255,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11347,8 +11309,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11417,8 +11377,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11687,8 +11645,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11743,8 +11699,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11813,8 +11767,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12052,8 +12004,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12107,8 +12057,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12176,8 +12124,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15450,8 +15396,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15506,8 +15450,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15576,8 +15518,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15861,8 +15801,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15919,8 +15857,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15992,8 +15928,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16233,8 +16167,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16289,8 +16221,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16359,8 +16289,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml b/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml index 3946b6de9d..4e8ea5ed3b 100644 --- a/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml +++ b/cmd/cli/kubectl-kyverno/data/crds/kyverno.io_policies.yaml @@ -3086,8 +3086,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3142,8 +3140,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3212,8 +3208,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3493,8 +3487,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3549,8 +3541,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3619,8 +3609,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3858,8 +3846,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3913,8 +3899,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3982,8 +3966,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7272,8 +7254,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7328,8 +7308,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7398,8 +7376,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7683,8 +7659,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7741,8 +7715,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7814,8 +7786,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8055,8 +8025,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8111,8 +8079,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8181,8 +8147,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11294,8 +11258,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11350,8 +11312,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11420,8 +11380,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11690,8 +11648,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11746,8 +11702,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11816,8 +11770,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12055,8 +12007,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12110,8 +12060,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12179,8 +12127,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15453,8 +15399,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15509,8 +15453,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15579,8 +15521,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15864,8 +15804,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15922,8 +15860,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15995,8 +15931,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16236,8 +16170,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16292,8 +16224,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16362,8 +16292,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/config/crds/kyverno/kyverno.io_clusterpolicies.yaml b/config/crds/kyverno/kyverno.io_clusterpolicies.yaml index c8b9392c97..0cd7ad01c5 100644 --- a/config/crds/kyverno/kyverno.io_clusterpolicies.yaml +++ b/config/crds/kyverno/kyverno.io_clusterpolicies.yaml @@ -3085,8 +3085,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3141,8 +3139,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3211,8 +3207,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3492,8 +3486,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3548,8 +3540,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3618,8 +3608,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3857,8 +3845,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3912,8 +3898,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3981,8 +3965,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7270,8 +7252,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7326,8 +7306,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7396,8 +7374,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7681,8 +7657,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7739,8 +7713,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7812,8 +7784,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8053,8 +8023,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8109,8 +8077,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8179,8 +8145,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11291,8 +11255,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11347,8 +11309,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11417,8 +11377,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11687,8 +11645,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11743,8 +11699,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11813,8 +11767,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12052,8 +12004,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12107,8 +12057,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12176,8 +12124,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15450,8 +15396,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15506,8 +15450,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15576,8 +15518,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15861,8 +15801,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15919,8 +15857,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15992,8 +15928,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16233,8 +16167,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16289,8 +16221,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16359,8 +16289,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/config/crds/kyverno/kyverno.io_policies.yaml b/config/crds/kyverno/kyverno.io_policies.yaml index 3946b6de9d..4e8ea5ed3b 100644 --- a/config/crds/kyverno/kyverno.io_policies.yaml +++ b/config/crds/kyverno/kyverno.io_policies.yaml @@ -3086,8 +3086,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3142,8 +3140,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3212,8 +3208,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -3493,8 +3487,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3549,8 +3541,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3619,8 +3609,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -3858,8 +3846,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -3913,8 +3899,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -3982,8 +3966,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -7272,8 +7254,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7328,8 +7308,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7398,8 +7376,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -7683,8 +7659,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -7741,8 +7715,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -7814,8 +7786,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -8055,8 +8025,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -8111,8 +8079,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -8181,8 +8147,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -11294,8 +11258,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11350,8 +11312,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11420,8 +11380,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -11690,8 +11648,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -11746,8 +11702,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -11816,8 +11770,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -12055,8 +12007,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -12110,8 +12060,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -12179,8 +12127,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -15453,8 +15399,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15509,8 +15453,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15579,8 +15521,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -15864,8 +15804,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -15922,8 +15860,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -15995,8 +15931,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -16236,8 +16170,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -16292,8 +16224,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -16362,8 +16292,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/config/install-latest-testing.yaml b/config/install-latest-testing.yaml index db24ccd635..4a91afdf1b 100644 --- a/config/install-latest-testing.yaml +++ b/config/install-latest-testing.yaml @@ -13178,8 +13178,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -13234,8 +13232,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -13304,8 +13300,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -13585,8 +13579,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -13641,8 +13633,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -13711,8 +13701,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -13950,8 +13938,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -14005,8 +13991,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -14074,8 +14058,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -17363,8 +17345,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -17419,8 +17399,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -17489,8 +17467,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -17774,8 +17750,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -17832,8 +17806,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -17905,8 +17877,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -18146,8 +18116,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -18202,8 +18170,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -18272,8 +18238,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -21384,8 +21348,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -21440,8 +21402,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -21510,8 +21470,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -21780,8 +21738,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -21836,8 +21792,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -21906,8 +21860,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -22145,8 +22097,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -22200,8 +22150,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -22269,8 +22217,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -25543,8 +25489,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -25599,8 +25543,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -25669,8 +25611,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -25954,8 +25894,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -26012,8 +25950,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -26085,8 +26021,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -26326,8 +26260,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -26382,8 +26314,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -26452,8 +26382,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -30067,8 +29995,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -30123,8 +30049,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -30193,8 +30117,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -30474,8 +30396,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -30530,8 +30450,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -30600,8 +30518,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -30839,8 +30755,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -30894,8 +30808,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -30963,8 +30875,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -34253,8 +34163,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -34309,8 +34217,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -34379,8 +34285,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -34664,8 +34568,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -34722,8 +34624,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -34795,8 +34695,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -35036,8 +34934,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -35092,8 +34988,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -35162,8 +35056,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -38275,8 +38167,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -38331,8 +38221,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -38401,8 +38289,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -38671,8 +38557,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -38727,8 +38611,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -38797,8 +38679,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -39036,8 +38916,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -39091,8 +38969,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -39160,8 +39036,6 @@ spec: the transparency log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret resource @@ -42434,8 +42308,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -42490,8 +42362,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -42560,8 +42430,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret @@ -42845,8 +42713,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -42903,8 +42769,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -42976,8 +42840,6 @@ spec: log. Defaults to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a @@ -43217,8 +43079,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object type: object keyless: @@ -43273,8 +43133,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object roots: description: |- @@ -43343,8 +43201,6 @@ spec: to the public Rekor log instance https://rekor.sigstore.dev. type: string - required: - - url type: object secret: description: Reference to a Secret diff --git a/pkg/engine/internal/imageverifier.go b/pkg/engine/internal/imageverifier.go index 3b5dd4648f..cd864fa7bf 100644 --- a/pkg/engine/internal/imageverifier.go +++ b/pkg/engine/internal/imageverifier.go @@ -603,6 +603,18 @@ func (iv *ImageVerifier) buildCosignVerifier( opts.CertChain = attestor.Certificates.CertificateChain if attestor.Certificates.Rekor != nil { opts.RekorURL = attestor.Certificates.Rekor.URL + opts.RekorPubKey = attestor.Certificates.Rekor.RekorPubKey + opts.IgnoreTlog = attestor.Certificates.Rekor.IgnoreTlog + } else { + opts.RekorURL = "https://rekor.sigstore.dev" + opts.IgnoreTlog = false + } + + if attestor.Certificates.CTLog != nil { + opts.IgnoreSCT = attestor.Certificates.CTLog.IgnoreSCT + opts.CTLogsPubKey = attestor.Certificates.CTLog.CTLogPubKey + } else { + opts.IgnoreSCT = false } } else if attestor.Keyless != nil { path = path + ".keyless" @@ -636,6 +648,7 @@ func (iv *ImageVerifier) buildCosignVerifier( opts.Annotations = attestor.Annotations } + iv.logger.V(4).Info("cosign verifier built", "ignoreTlog", opts.IgnoreTlog, "ignoreSCT", opts.IgnoreSCT) return cosign.NewVerifier(), opts, path }