mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-15 04:07:46 +00:00
Code Activity

fix attestations signature

Browse source 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
This commit is contained in:
Jim Bugwadia 2021-11-18 18:04:36 -08:00
parent be4d0cf31c
commit 48f8733c50
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
pkg/cosign/cosign.go
View file

@ -9,7 +9,6 @@ import (
"github.com/in-toto/in-toto-golang/in_toto" "github.com/in-toto/in-toto-golang/in_toto"
"github.com/kyverno/kyverno/pkg/engine/common" "github.com/kyverno/kyverno/pkg/engine/common"
"github.com/sigstore/cosign/pkg/cosign/attestation" "github.com/sigstore/cosign/pkg/cosign/attestation"
"github.com/sigstore/sigstore/pkg/signature/dsse"
"strings" "strings"
"github.com/gardener/controller-manager-library/pkg/logger" "github.com/gardener/controller-manager-library/pkg/logger"
@ -115,7 +114,7 @@ func FetchAttestations(imageRef string, key []byte, repository string) ([]map[st
//RootCerts: fulcio.GetRoots(), //RootCerts: fulcio.GetRoots(),
ClaimVerifier: cosign.IntotoSubjectClaimVerifier, ClaimVerifier: cosign.IntotoSubjectClaimVerifier,
SigTagSuffixOverride: cosign.AttestationTagSuffix, SigTagSuffixOverride: cosign.AttestationTagSuffix,
SigVerifier: dsse.WrapVerifier(pubKey), SigVerifier: pubKey,
VerifyBundle: false, VerifyBundle: false,
} }