Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add digest to source, Fixes #187, Fixes #194 #229

Closed
wants to merge 1 commit into from
Closed

Add digest to source, Fixes #187, Fixes #194 #229

wants to merge 1 commit into from

Conversation

creack
Copy link

@creack creack commented Jul 27, 2018
edited
Loading

  • Add support for source digest.
  • Verify the resulting digest.

@pivotal-issuemaster
Copy link

@creack Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-issuemaster
Copy link

@creack Thank you for signing the Contributor License Agreement!

@creack creack force-pushed the creack/add-digest-source branch from f0365ad to cd7f930 Compare July 27, 2018 14:21
@creack creack force-pushed the creack/add-digest-source branch from cd7f930 to 3031a86 Compare July 27, 2018 14:24
@vito vito mentioned this pull request Jul 30, 2018
Closed
@vito
Copy link
Member

vito commented Jul 30, 2018

Thanks for taking the time to submit this!

We're actually going to be tackling concourse/concourse#2439 very soon which will enable users to do this without any changes to this resource type (and enable users to do this for all resource types).

Would you be OK with just closing this for now in light of #190 (primarily the 'too many knobs' concern)? We should be picking up the issue I linked very soon - it's at the top of the "core" backlog and we need it done before we can continue on the "spaces" epic.

@achawki
Copy link

achawki commented Jul 31, 2018

Since this PR addresses #194 just partly, check would still always reach out the docker registry => concourse jobs cannot be scheduled anymore in case of a registry downtime, we opened #231 . Just for discussion.

@vito vito mentioned this pull request Jul 31, 2018
Closed
@creack
Copy link
Author

creack commented Aug 8, 2018

Closing in favor of concourse/concourse#2439

This is a critical security issue, I hope it will be addressed soon.

@creack creack closed this Aug 8, 2018
@creack creack deleted the creack/add-digest-source branch August 8, 2018 01:56
@creack
Copy link
Author

creack commented Aug 8, 2018
edited
Loading

For reference, I've been using this in the meantime:

  - name: docker-image-digest-unchecked
    type: docker-image
    privileged: true
    source:
      repository: creack/docker-image-resource
  - name: docker-image-digest
    type: docker-image-digest-unchecked
    privileged: true
    source:
      repository: creack/docker-image-resource
      digest:     sha256:45b2409bdc9a6d49ac56a83bb32715f9389848d1c1a33a98569106c383dfa946

creack/docker-image-resource being this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@creack @pivotal-issuemaster @vito @achawki