Comments (3)
I think it might need to be hard coded, since even if the image is whitelisted in a default ISP we ship, if a user creates a second ISP without whitelisting the server image it will still be denied.
from kritis.
Hmm, why can't the kritis-server pass the policy checks?
from kritis.
if the validationhook is already running and we try to update the image or restart, it might fail depending on what user deployed policy specs are.
In order to get out of this, user will have to manually delete the webhook and then re-deploy.
from kritis.
Related Issues (20)
- Create a guide for contributions to documentation
- Generate keyID automatically for PKIX and JWT keys
- Move cryptolib into pkg/ directory
- Add doc for signer
- Helm install fails on k8s v1.19 HOT 11
- signer does not timeout waiting for the container analysis of an image
- Automated check and sign on completion of an analysis of an image in GCR HOT 7
- about 1) “ALL attestation authorities to be satisfied” , why not “any attestation authority to be satisfied” ? HOT 1
- kubectl cmd from kritis preinstall auth failure HOT 1
- v0.2.2 nil pointer dereference HOT 6
- make setup-integration-local does not create kritis-ca-admin service account
- setup-containeranalysis-resources.sh fails
- More use cases than scanning for known vulnerabilities HOT 2
- Container Analysis API need to be enabled wherever the Service Account is hosted HOT 4
- Error running GCP tutorial "Creating attestations with Kritis Signer"
- Kritis-Signer don't allow to use Artifact Registry repositories. HOT 3
- official container images from grafeas / Kritis
- Pull kritis signer policy yaml from external storage
- Installation Failed in k8s v1.27
- No Longer Maintained HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kritis.