You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I specified a image:tab as the scope of the cosign trust policy, however since the image to deploy has mutated to the digest, verifier was not able to find a trust policy that matches image:tag.
Error: Detail: failed to get trust policy: no policy found for reference
What did you expect to happen?
No response
What version of Kubernetes are you running?
No response
What version of Ratify are you running?
No response
Anything else you would like to add?
No response
Are you willing to submit PRs to contribute to this bug fix?
Yes, I am willing to implement it.
The text was updated successfully, but these errors were encountered:
@akashsinghal , does the notation trust policy have the same limitation?
For now, we can update the doc to make sure Customer are redirected to use the digest, or specify wildcard for scope matching.
susanshi
changed the title
https://github.com/deislabs/ratify-web/blob/e0d548665d273502be477559d10fc02911348c51/docs/plugins/Verifier/cosign.md#trust-policy
failed to get trust policy: no policy found for reference when scope matching with image:tag
May 9, 2024
@akashsinghal , does the notation trust policy have the same limitation? For now, we can update the doc to make sure Customer are redirected to use the digest, or specify wildcard for scope matching.
In terms of notation spec on trust policy, the scope can be either * or a path to repo. So it will not have the issue parsing image tag to digest.
What happened in your environment?
Following this doc, https://github.com/deislabs/ratify-web/blob/e0d548665d273502be477559d10fc02911348c51/docs/plugins/Verifier/cosign.md#trust-policy
I specified a image:tab as the scope of the cosign trust policy, however since the image to deploy has mutated to the digest, verifier was not able to find a trust policy that matches image:tag.
Error: Detail: failed to get trust policy: no policy found for reference
What did you expect to happen?
No response
What version of Kubernetes are you running?
No response
What version of Ratify are you running?
No response
Anything else you would like to add?
No response
Are you willing to submit PRs to contribute to this bug fix?
The text was updated successfully, but these errors were encountered: