Checking enable content trust, but not checking prevent vuln images from running results in notary errors #6259
Labels
impact/doc/note
Requires creation of or changes to an official release note
kind/defect
Behavior that is inconsistent with what's intended
priority/p2
Comments
mhagen-vmware
added
kind/defect
mdubya66
added
the
impact/doc/note
|
@reasonerjt Is this as expected? |
|
@mhagen-vmware I see the kind/note flag, but isn't this covered by #6258? |
|
Nope, 6258 is just dealing with enabling whitelisted mode, this issue is about whitelist/notary interaction. We have 2 check boxes. The first should just enable/disable whitelist, the second should just enable/disable vulnerability scanning. Right now the first one enables both. |
|
Issue moved to vmware/harbor #3202 via ZenHub |
|
moved this to harbor as that is the appropriate repo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My understanding is that content trust should just be whitelist and the prevent vuln image should be the notary check? Independent?
The text was updated successfully, but these errors were encountered: