Join us

Verifying Container Image Signatures Within CRI Runtimes

@faun ・ Jul 05,2023

Author: Sascha Grunert The Kubernetes community has been signing their container image-based artifacts since release v1.24. While the graduation of the corresponding enhancement from alpha to beta in v1.26 introduced signatures for the binary artifacts, other projects followed the approach by providing image signatures for their releases, too. This means that they either create the signatures within their own CI/CD pipelines, for example by using GitHub actions, or rely on the Kubernetes image promotion process to automatically sign the images by proposing pull requests to the k/k8s.

Let's keep in touch!

Stay updated with my latest posts and news. I share insights, updates, and exclusive content.

By subscribing, you share your email with @faun and accept our Terms & Privacy. Unsubscribe anytime.

Only registered users can post comments. Please, login or signup.

Share with your friends and followers

Start blogging about your favorite technologies, reach more readers and earn rewards!

Join other developers and claim your FAUN.dev account now!

Publish your first story!

FAUN.dev is where engineers from GitHub, Netflix, and Shopify go to stay ahead β€” fast.

An effortless, straightforward way to keep up with technologies...so you can keep your tabs closed and your mind open!
70,000+ developers already joined ⭐⭐⭐⭐⭐
Trusted by developers at
Google β€’ Microsoft β€’ AWS β€’ Netflix
Avatar

The FAUN

@faun
A worldwide community of developers and DevOps enthusiasts!
User Popularity
3k

Influence

301k

Total Hits

1

Posts