Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support keyless verification with OIDC identities #1323

Closed
1 task
yizha1 opened this issue Mar 1, 2024 · 1 comment · Fixed by #1503
Closed
1 task

Support keyless verification with OIDC identities #1323

yizha1 opened this issue Mar 1, 2024 · 1 comment · Fixed by #1503
Assignees
@akashsinghal
Labels
enhancement New feature or request
Milestone
v1.3.0

Comments

@yizha1
Copy link
Collaborator

yizha1 commented Mar 1, 2024

What would you like to be added?

Currently Ratify supports keyless verification with Cosign 1.x only. Since Cosign 2.0, keyless verification requires OIDC identities and OIDC issuers. Ratify needs to introduce new parameters for the cosign verifier.

Anything else you would like to add?

No response

Are you willing to submit PRs to contribute to this feature?

  • Yes, I am willing to implement it.
@yizha1 yizha1 added enhancement New feature or request triage Needs investigation labels Mar 1, 2024
@yizha1 yizha1 mentioned this issue Mar 7, 2024
Merged
12 tasks
@yizha1 yizha1 removed the triage Needs investigation label Mar 14, 2024
@yizha1 yizha1 added this to the v1.3.0 milestone Mar 14, 2024
@yizha1
Copy link
Collaborator Author

yizha1 commented Mar 14, 2024

Discussed with @akashsinghal, this issue can be planned for Ratify 1.3.0. Currently, the Cosign verifier continues to function because the API does not mandate OIDC identity and issuer as a requirement. /cc @susanshi

This was referenced May 17, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@akashsinghal akashsinghal

Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.3.0
Development

Successfully merging a pull request may close this issue.

feat: add cosign keyless support to trust policy akashsinghal/ratify
2 participants
@akashsinghal @yizha1