Docker Content Trust

Description

Docker Content Trust (DCT) is a mechanism for signing Docker images that are uploaded to the Docker Hub that guarantees to people pulling the images that they were in fact created by OpenNMS.

Given that the operator will be available for public consumption, and will be given sensitive access to people's k8s clusters, having DCT setup for the operator's image seems like a good idea.

Acceptance / Success Criteria

Images produced by the Operator's CircleCI pipeline should be signed with DCT

Lucidchart Diagrams

Activity

Show:

Done

Details
Assignee
Jeffrey-David Kapp
Reporter
Jeffrey-David Kapp
Sprint
None
Priority
Minor
Parent
OP-2 Operator Version 0.1

PagerDuty

Created November 2, 2021 at 2:20 PM

Updated November 4, 2021 at 7:12 PM

Resolved November 4, 2021 at 7:12 PM

Docker Content Trust

Description

Acceptance / Success Criteria

Lucidchart Diagrams

Activity

DetailsAssigneeJeffrey-David KappJeffrey-David KappReporterJeffrey-David KappJeffrey-David KappSprintNone+1PriorityMinorParentOP-2 Operator Version 0.1

Details

Assignee

Reporter

Sprint

Priority

Parent

PagerDutyPagerDuty Incident

PagerDuty

Details
Assignee
Jeffrey-David Kapp
Reporter
Jeffrey-David Kapp
Sprint
None
Priority
Minor
Parent
OP-2 Operator Version 0.1

PagerDuty