Image Integrity on AKS #688
Comments
|
👍 to this. I've asked this exact same question in Azure Advisors, and it's been viewed over 50 times with no answers :-). |
|
This is on the roadmap, the proposal being that for AKS node pools you can define if a specific node pool should enforce content trust. This would apply for all nodes within the node pool. |
|
Any update on this? Is it still on the roadmap? |
|
Ack, still on roadmap but we're prioritizing features such as SLB support and GA quality for VMSS clusters, multiple node pools, cluster autoscaler. |
|
Is there any progress on this? |
|
Hi Pedro, not yet but acknowledging this is still under review on roadmap. Thanks for your patience on this and we will keep the latest updates on this issue. |
|
I do confirm that I have customers asking for it. I do hope, it will be back on the roadmap very soon |
|
Is there any update regarding this one? I'm also working with a customer who wants to use ACR content trust from within AKS |
|
I also have a large client that wants to use signed ACR images with AKS. |
|
Any update on this, we have two clients that wish to use this feature. |
|
I have clients waiting on this feature for some time now. How far is it in AKS roadmap? |
|
Any updates? |
|
I do confirm that I have customers asking for it. @jluk could you please update this issue ? |
|
|
Any updates ? we need this functionnality |
|
This feature is ongoing for design and discussion. A critical aspect for this feature on AKS is enabling a solution which can satisfy all requirements such as content moving repos or across registries which may extend beyond the current scope of the ACR content trust feature as seen today. An important discussion on this front is ongoing with Notaryv2 and I would encourage following up on that workstream to see latest updates to progressing to an AKS solution. |
jluk
changed the title
jluk
added
azure/acr
|
ORAS Artifact support now enabled in South Central US: supply chain artifacts. You can use notary Alpha 1 today. We're working on an end to end doc for how to use Notary v2 with Azure KeyVault, AKS and the Ratify project for signature validation, This will still be early preview, enabling users to engage for feedback. |
ghost
added
the
miwithro
changed the title
|
Leveraging OPA/Gatekeeper, ACR w/Ratify and Notation, AKV, and AKS to create and end to end signing/verification solution for AKS customers. |
miwithro
assigned jluk, lgmorand and miwithro and unassigned miwithro, jluk, SteveLasker and lgmorand
|
We are targeting end of Sep to public preview Image Integrity |
aritraghosh
moved this to Public Preview (Shipped & Improving)
in Azure Kubernetes Service Roadmap (Public)
and others
Is this a BUG REPORT or FEATURE REQUEST?:
Feature
What happened?:
Content Trust has been released in preview for ACR, but I can't see anywhere were we can enable content trust within AKS as a consumer of the ACR?
What did you expect to happen?:
Pull docker images with content trust enabled
How do you reproduce it (as minimally and precisely as possible)?:
Anything else we need to know?:
Environment (if applicable to the issue):
The text was updated successfully, but these errors were encountered: