This repository has been archived by the owner on Nov 20, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7
Fetching signatures with a .cosign extension #3
Comments
Ah yes! We changed the specification in cosign as of the last release - .sig is correct now. Do you want to send a PR here to update? |
If I'm not mistaken this is happening at: If you have any pointer, I will take care of the PR as I'm not finding this change you mention :) |
Looks right! I think you might just have to update the version of cosign itself in the go.mod file |
Cheers, just saw that we are pointing to the 0.2.0 version. |
youssefazrak
added a commit
to youssefazrak/cosigned
that referenced
this issue
May 19, 2021
PR sigstore/cosign#287 changed the signature extension from .cosign to .sig. As we are using Cosign:v0.2.0, the manager was not able anymore to fetch signatures signed with latest version of Cosign. Fixes: dlorenc#3 Signed-off-by: Youssef Azrak <yazrak.tech@gmail.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm opening this one in this repo, could be in the cosign repo though but the admission-controller highlighted the issue in all cases.
When I sign a container, the signature is uploaded to the gcr registry with a
.sig
extension.The manager is looking for a
.cosign
extension which leads to a failure and the image can't be deployed.Workaround is to manually change the extension type of the signature to
.cosign
.Logs below:
The text was updated successfully, but these errors were encountered: