Hi, great explanation, Thanks. But I am getting one issue. When i am generating .pub file using 1st command. It is asking for passphrase. The same passphrase i am giving in the second command. But it is saying wrong passphrase. Please help on this issue
@@learnwithgvr and when i am checking docker documnetation, in prerequisite notary server is required, is that so? i think in video you didn't do the notary server setup
@@learnwithgvr When i ran docker trust key generate sanyam it is prompted to enter a passphrase, i added. In second cmd docker trust signer add --key sanyampub sanyam imageName, it is also prompted me to add passphrase . When i am adding passphrase that i entered in 1st command it is showing wrong passphrase entered
Hi, you explained very well in the video. Thanks. But I have doubt. Is the purpose of signing a image is just that we got to know about the person who created this image. But the same we can do using USER Maintainer in the dockerfile, then what is the purpose of signing a image. Can you help in this
Docker MAINTAINER will be used to specify author or maintainer provide contact information such as name and email address. if X person is maintainer of 10 images, all images will have my email address. Digest is unique identifier/cryptographic hash for a specific version of an image. in a way used to identity and acts as a fingerprint. If X person say his email is abc@x.com and docker image digest is 123455465634564564356. you can trust his image based on these details not by image name (same name may be used by other uploaders aswell)
Hi, great explanation, Thanks. But I am getting one issue. When i am generating .pub file using 1st command. It is asking for passphrase. The same passphrase i am giving in the second command. But it is saying wrong passphrase. Please help on this issue
@SanyamMittal1111, Thanks for feedback
could you share your steps/commands to understand and help to troubleshoot?
@@learnwithgvr and when i am checking docker documnetation, in prerequisite notary server is required, is that so? i think in video you didn't do the notary server setup
@@learnwithgvr When i ran
docker trust key generate sanyam
it is prompted to enter a passphrase, i added. In second cmd
docker trust signer add --key sanyampub sanyam imageName,
it is also prompted me to add passphrase
. When i am adding passphrase that i entered in 1st command it is showing wrong passphrase entered
Hi Ramanan, Nice walkthrough about signing images via docker.Please create one video about cosign in kubernetes?It should helpful for everyone.
Will try
Very good explanation.please make and upload these kind of technical videos bro. Thanks lot.
Thank you & sure. keep watching this space for more videos
Hi, you explained very well in the video. Thanks. But I have doubt. Is the purpose of signing a image is just that we got to know about the person who created this image. But the same we can do using USER Maintainer in the dockerfile, then what is the purpose of signing a image. Can you help in this
Docker MAINTAINER will be used to specify author or maintainer provide contact information such as name and email address. if X person is maintainer of 10 images, all images will have my email address.
Digest is unique identifier/cryptographic hash for a specific version of an image. in a way used to identity and acts as a fingerprint.
If X person say his email is abc@x.com and docker image digest is 123455465634564564356. you can trust his image based on these details not by image name (same name may be used by other uploaders aswell)
Good session.just one doubt sir, when pod is created using Sha..signature also validated ?
Thanks for feedback. Yes, correct Image digest represents the signature, its is same wherever you upload (ECR, ACR, google registry or anywhere)
Image is not valudated