Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-30280

Indicate signature was not verified in violation messages

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Undefined Undefined
    • 4.9.0
    • None
    • Image Signature, UX
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • False
    • Rox Sprint 4.9D - Global, Rox Sprint 4.9E - Global, Rox Sprint 4.9F - Global

      The image signature policy field raises a violation when image signatures cannot be verified with the specified signature integration. The violation messages may be confusing in certain scenarios, see this real example of a signature verification policy violation:

      Container 'main' image signature is verified by io.stackrox.signatureintegration.3fee323b-da48-4fe2-8041-02e0740cc4f5

      Note that it states that the signature is verified.

      This should be changed to state that the signature is not verified.
       

              rh-ee-gualvare Guzman Alvarez
              rh-ee-gualvare Guzman Alvarez
              ACS Sensor & Ecosystem
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: