You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
There does not appear to be a proper Helm Chart template for creating the cosign certificates like existed previously.
Expected behavior
There should be secret that gets created within the namespace for the certificates needed for self-signed certs of a cosign validator, and one is not getting created in the newest versions.
Optional: To reproduce
Optional: Versions (please complete the following information as relevant):
Other: Have had this working in older version 2 and just got it working in 3.3.4 (there was an issue in 3.3.0 as well that was slightly different)
Optional: Additional context
have run several different tests to try and fix the bug myself, I wasn't able to successfully deploy my own secret with the cert and add as a volume to the deployment, that didn't seem to help.
The error message being received was just in regards to the certificate authority not be able to be verified:
{
"level": "debug",
"msg": "2024/05/30 18:44:54 --\u003e GET https://quay.prod-openshift.com/v2/\n",
"time": "2024-05-30T18:44:54Z"
}
{
"level": "debug",
"msg": "2024/05/30 18:44:54 GET /v2/ HTTP/1.1\r\nHost: quay.prod-openshift.com\r\nUser-Agent: cosign/devel (linux; amd64) go-containerregistry/v0.19.1\r\nAccept-Encoding: gzip\r\n\r\n\n",
"time": "2024-05-30T18:44:54Z"
}
{
"level": "debug",
"msg": "2024/05/30 18:44:54 \u003c-- tls: failed to verify certificate: x509: certificate signed by unknown authority GET https://quay.prod-openshift.com/v2/ (40.667768ms)\n",
"time": "2024-05-30T18:44:54Z"
}
{
"level": "debug",
"msg": "error verifying signatures with verifier for trust root default: Get \"https://quay.prod-openshift.com/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority",
"time": "2024-05-30T18:44:54Z"
}
{
"level": "debug",
"msg": "num signatures: 0/1 by validating trust root names: []",
"time": "2024-05-30T18:44:54Z"
}
here is a sample of the values file used in both 3.4 and 3.5:
Describe the bug
There does not appear to be a proper Helm Chart template for creating the cosign certificates like existed previously.
Expected behavior
There should be secret that gets created within the namespace for the certificates needed for self-signed certs of a cosign validator, and one is not getting created in the newest versions.
Optional: To reproduce
Optional: Versions (please complete the following information as relevant):
Optional: Additional context
have run several different tests to try and fix the bug myself, I wasn't able to successfully deploy my own secret with the cert and add as a volume to the deployment, that didn't seem to help.
The error message being received was just in regards to the certificate authority not be able to be verified:
here is a sample of the values file used in both 3.4 and 3.5:
The text was updated successfully, but these errors were encountered: