Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-32723

[RHEL EPIC] Adopting Sigstore for Containers - RHEL 9.5

XMLWordPrintable

    • [RHEL EPIC] Adopting Sigstore for Containers RHEL 9.5
    • Red Hat Enterprise Linux
    • rhel-sst-container-tools
    • 23
    • 3
    • False
    • Hide

      None

      Show
      None
    • Yes
    • QE ack, Dev ack, Docs ack
    • Enhancement
    • Hide
      Feature, enhancement (describe the feature or enhancement from the user’s point of view):
      Reason (why has the feature or enhancement been implemented):
      Result (what is the current user experience):
      Show
      Feature, enhancement (describe the feature or enhancement from the user’s point of view): Reason (why has the feature or enhancement been implemented): Result (what is the current user experience):

      Description

      SME: Miloslav Trmac

      Begin using Sigstore signatures for container signing in RHEL / UBI.

      Detailed Sigstore rationale and background here.

      Goals

      Adopting sigstore for signing RHEL/UBI based containers provides a more ergonomic experience for users and is in line with wider container-signing plans.

      RHEL/UBI 7/8/9 will continue to have simple-signatures. RHEL 10 images would be sigstore only.

      Note: simple-signing code will not be removed from RHEL container tools, so any user re-signing workflows will continue to function.

      Requirements

      All supported versions of RHEL container tools in RHEL and in layered products must have the code paths and correctly configured policy in order to use UBI10 containers from RHEL9 based systems.

       

      SME: Miloslav Trmac

       

       

              container-runtime-eng Container Runtime Eng Bot
              tsweeney@redhat.com Tom Sweeney
              Container Runtime Eng Bot Container Runtime Eng Bot
              Container Runtime Bugs Bot Container Runtime Bugs Bot
              Gabriela Necasova Gabriela Necasova
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: