Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-4120

operators use tag for containerImage reference instead of digest

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • None
    • 3scale Operator
    • None

    • $ oc version
      Client Version: openshift-clients-4.2.2-201910250432-4-g4ac90784
      Server Version: 4.2.10
      Kubernetes Version: v1.14.6+17b1cc6

    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started

      In order to avoid supply chain attacks against the operator, and allow repository mirroring, references from the packagemanifest in OCP OLM should be by digest, not by tag.

      See:
      http://post-office.corp.redhat.com/archives/openshift-sme/2019-October/msg01569.html

              tmaas-1 Thomas Maas
              rhn-support-jshepher Jason Shepherd
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: