Skip to content
This repository has been archived by the owner on Mar 16, 2024. It is now read-only.

IAR - Confusing to see "Done: Pushed signature" when signing images that are local. #2069

Closed
sangee2004 opened this issue Aug 15, 2023 · 1 comment
Closed

IAR - Confusing to see "Done: Pushed signature" when signing images that are local. #2069

sangee2004 opened this issue Aug 15, 2023 · 1 comment
Assignees
@iwilltry42
Labels
kind/bug Something isn't working
Milestone
v0.8.0

Comments

@sangee2004
Copy link
Contributor

acorn version - v0.8.0-rc4+b6a95e8a

Steps to reproduce the problem:

  1. Enable IAR feature (acorn install --features image-allow-rules=true)
  2. Build an image - acorn build -t ghcr.io/sangee2004/mytestsignew:v0.0.3 .
  3. Sign this image
 acorn image sign  ghcr.io/sangee2004/mytestsignew:v0.0.3 --key ~/santest3.key -a qatag=ok
  •  Signing Image ghcr.io/sangee2004/mytestsignew:v0.0.3 (digest: ghcr.io/sangee2004/mytestsignew@sha256:543ca38d7f6e7d57ce1fe5f79485b909988b4107a52c5af137af3d46d61b78b6) using key /Users/sangeethahariharan/santest3.key
? Enter password for private key /Users/sangeethahariharan/santest3.key: ********
  ✔  Done: Pushed signature sha256:3404345cd2e6933962efcf03b7599268705c931afbc0178872ed76f80fbdca88

Notice that the message says - "Done: Pushed signature" .

It is confusing to see this message which seems to indicate that the image and signature have been pushed to the external repo.
At this time, image and signature have NOT been pushed to the external repo. We have just generated the signature for the image and subsequent acorn push of the image results in the image and signature to be pushed.
@sangee2004 sangee2004 added the kind/bug Something isn't working label Aug 15, 2023
@sangee2004 sangee2004 added this to the v0.8.0 milestone Aug 15, 2023
@iwilltry42 iwilltry42 mentioned this issue Aug 16, 2023
Merged
7 tasks
iwilltry42 added a commit that referenced this issue Aug 21, 2023
@iwilltry42
change: Improve Usage of ImageAllowRules (#2067 + #2064 + #2069) (#2074)
2406705 
- clarify output of  `acorn image sign`
- fix: properly handle images with missing required signature
- fix: DO NOT try to delete signature from remote registry
@sangee2004 sangee2004 mentioned this issue Aug 21, 2023
Closed
@sangee2004
Copy link
Contributor Author

Tested with acorn version - v0.8.0-rc4-47-g80dd7169+80dd7169

Following message is presented when signing images that are present locally:

acorn image sign  ghcr.io/sangee2004/testsignature:v0.0.3 --key ~/santest3.key -a qatag=ok
  •  Signing Image ghcr.io/sangee2004/testsignature:v0.0.3 (digest: ghcr.io/sangee2004/testsignature@sha256:b74fb09a6698f63bd6d77307fe401c8db951134198dec9fc25fa3405e8235c8b) using key /Users/sangeethahariharan/santest3.key
? Enter password for private key /Users/sangeethahariharan/santest3.key: ********
  ✔  Created signature sha256:68933d62b4483cd2ae55250cd27098cb3038e9377617c32a710898ce713bd8f8

cloudnautique pushed a commit to cloudnautique/runtime that referenced this issue Sep 28, 2023
@iwilltry42 @cloudnautique
change: Improve Usage of ImageAllowRules (acorn-io#2067 + acorn-io#2064
affee3a 
… + acorn-io#2069) (acorn-io#2074)

- clarify output of  `acorn image sign`
- fix: properly handle images with missing required signature
- fix: DO NOT try to delete signature from remote registry
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@iwilltry42 iwilltry42

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
v0.8.0
Development

No branches or pull requests
2 participants
@iwilltry42 @sangee2004