-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unexpectedly added version
property to extraIdentity
#842
Labels
Milestone
Comments
generally +1. However, I would personally prefer the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened:
When executing
ocm sign componentversions
on a component descriptor which contains multiple resources which share the same name and haveextraIdentity
explicitly set to{}
, all resources have theversion
property added to theextraIdentity
field except the last resource of that name (which is reasonable since the last resource is unique withoutextraIdentity
being set as soon as all other resources have theirversion
property added to it).What you expected to happen:
Don't silently add properties to the
extraIdentity
field duringocm sign
command (and certainly not inconsistently). Instead, rather fail verification.How to reproduce it (as minimally and precisely as possible):
Example component descriptor which has to be signed using
ocm sign componentversions
command:Anything else we need to know:
Environment:
The text was updated successfully, but these errors were encountered: