containers
/
image
mirror of https://github.com/containers/image.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

refactor(docs): Disambiguate sigstoreSigned documentation 

From the current documentation, one could mistakenly assume, that
`use-sigstore-attachments` needs to be enabled by the registry and not
in the client. This commit rephrases the part of the documentation to
make it more clear, that this needs to be done on the client side.

Signed-off-by: Lucas Humfeldt <lucas@humfeldt.de>
This commit is contained in:
Lucas Humfeldt 2023-03-17 18:12:30 +01:00
parent c42f196676
commit b3e0ba234e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/containers-policy.json.5.md
View File

@ -282,7 +282,7 @@ signed by the provided public key.
The `signedIdentity` field has the same semantics as in the `signedBy` requirement described above.
Note that `cosign`-created signatures only contain a repository, so only `matchRepository` and `exactRepository` can be used to accept them (and that does not protect against substitution of a signed image with an unexpected tag).
To use this with images hosted on image registries, the relevant registry or repository must have the `use-sigstore-attachments` option enabled in containers-registries.d(5).
To use this with images hosted on image registries, the `use-sigstore-attachments` option needs to be enabled for the relevant registry or repository in the client's containers-registries.d(5).
## Examples