Skip to content

Commit c2a41ea

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #2511 from QiWang19/pki-default
 OCPNODE-3759: Promote SigstoreImageVerificationPKI feature to default
2 parents 5eb46a7 + bfbc84f commit c2a41ea

File tree

35 files changed

+19
-8243
lines changed

35 files changed

+19
-8243
lines changed

config/v1/types_image_policy.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,7 @@ type PolicyRootOfTrust struct {
8282
// Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI".
8383
// When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification.
8484
// When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification.
85-
// When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.
85+
// When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).
8686
// +unionDiscriminator
8787
// +required
8888
PolicyType PolicyType `json:"policyType"`

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies-Default.crd.yaml

Lines changed: 0 additions & 415 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies-DevPreviewNoUpgrade.crd.yaml

Lines changed: 0 additions & 510 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies-TechPreviewNoUpgrade.crd.yaml

Lines changed: 0 additions & 510 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies-CustomNoUpgrade.crd.yaml renamed to config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies.crd.yaml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,6 @@ metadata:
66
api.openshift.io/merged-by-featuregates: "true"
77
include.release.openshift.io/ibm-cloud-managed: "true"
88
include.release.openshift.io/self-managed-high-availability: "true"
9-
release.openshift.io/feature-set: CustomNoUpgrade
109
name: clusterimagepolicies.config.openshift.io
1110
spec:
1211
group: config.openshift.io
@@ -220,7 +219,7 @@ spec:
220219
Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI".
221220
When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification.
222221
When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification.
223-
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.
222+
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).
224223
enum:
225224
- PublicKey
226225
- FulcioCAWithRekor

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies-Default.crd.yaml

Lines changed: 0 additions & 416 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies-DevPreviewNoUpgrade.crd.yaml

Lines changed: 0 additions & 511 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies-TechPreviewNoUpgrade.crd.yaml

Lines changed: 0 additions & 511 deletions
This file was deleted.

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies-CustomNoUpgrade.crd.yaml renamed to config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies.crd.yaml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,6 @@ metadata:
66
api.openshift.io/merged-by-featuregates: "true"
77
include.release.openshift.io/ibm-cloud-managed: "true"
88
include.release.openshift.io/self-managed-high-availability: "true"
9-
release.openshift.io/feature-set: CustomNoUpgrade
109
name: imagepolicies.config.openshift.io
1110
spec:
1211
group: config.openshift.io
@@ -220,7 +219,7 @@ spec:
220219
Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI".
221220
When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification.
222221
When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification.
223-
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.
222+
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).
224223
enum:
225224
- PublicKey
226225
- FulcioCAWithRekor

config/v1/zz_generated.featuregated-crd-manifests/clusterimagepolicies.config.openshift.io/SigstoreImageVerification.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -133,7 +133,7 @@ spec:
133133
Allowed values are "PublicKey", "FulcioCAWithRekor", and "PKI".
134134
When set to "PublicKey", the policy relies on a sigstore publicKey and may optionally use a Rekor verification.
135135
When set to "FulcioCAWithRekor", the policy is based on the Fulcio certification and incorporates a Rekor verification.
136-
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.
136+
When set to "PKI", the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI).
137137
type: string
138138
publicKey:
139139
description: |-

0 commit comments

Comments
 (0)