-
Feature Request
-
Resolution: Done
-
Undefined
-
None
-
None
-
Improvement
-
False
-
None
-
False
-
Not Selected
-
-
-
1. Proposed title of this feature request:
Enable Repository Mirroring to Include Image Signature Artifacts.
2. Who is the customer behind the request?
Account Name: The Government Technology Agency of Singapore
Account Number: 5750248
TAM customer: yes
CSM customer: yes
Strategic: yes
3. What is the nature and description of the request?
The customer requests an enhancement to the repository mirroring functionality in Red Hat Quay, specifically to include the ability to mirror image signatures alongside container images. Currently, only the container image content is mirrored, and the signature artifacts are omitted. The customer would like an option to enable mirroring of these signature artifacts, especially for signatures signed by Cosign.
4. Why does the customer need this? (List the business requirements here)
The customer relies on signed images to maintain security standards and ensure image authenticity. When images are mirrored without their signature artifacts, the target Quay instance does not display them as signed, leading to security compliance concerns and unnecessary security team involvement. Mirroring image signatures is crucial to preserving the integrity of the images and ensuring that security policies are enforced in the target registry.
5. List any affected packages or components.
Repository mirroring
