How to set a public key to provider cache? #53
Comments
|
Hi @jacckyyy, Actually I have no idea where is |
|
Hi @Dentrax, Starting with the installation of gatekeeper, and installed cosign-gatekeeper-provider,
finally confirmed the deployment of ConstraintTemplate and Contraint policy.
However, at the last step, when I verified the signature using the example in the policy/example, I got the following error message regardless of whether I signed with cosign or not.
It seems that the provider did not set the public key. I don't know what the problem is with this part? Did I miss anything? Thanks... Orz |
|
+1 |
|
Hitting the same issue with gatekeeper 3.14.0. @Dentrax Could it be something not working with Gatekeeper internal cache? I tried disabling it and still getting the same error. It seems gatekeeper is not even calling the external provider when printing that error. |
|
https://github.com/open-policy-agent/frameworks/commits?author=nilekhc |
|
UP + 1 |
|
Maybe related to open-policy-agent/gatekeeper#3132 |
|
@houdini91 Thank you! Upgrading Gatekeeper to 3.15 and setting --external-data-provider-response-cache-ttl=0 seems to help address the issue. Not sure why cache needs to be disabled for the provider to work. |
When I have deployed the provider, template and constraint, but I encounter an error (response: {"errors": null, "responses": null, "status_code": 400, "system_error": "key is not found in provider cache"}) when trying to deploy the example yaml file. How can I set the public key in the cache? thanks..
The text was updated successfully, but these errors were encountered: