Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

develop Kustomize plugin to sign images within the manifests using cosign tool #4217

Closed
developer-guy opened this issue Oct 1, 2021 · 3 comments
Closed

develop Kustomize plugin to sign images within the manifests using cosign tool #4217

developer-guy opened this issue Oct 1, 2021 · 3 comments
Assignees
@KnVerey
Labels
kind/feature Categorizes issue or PR as related to a new feature. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@developer-guy
Copy link

Is your feature request related to a problem? Please describe.

It is not related to a problem, it is more like a new feature request.

Describe the solution you'd like

Recently, I came across a git repository called sopsencodedsecrets. Then, I searched for Kustomize plugins and realized that it is easy to develop plugins using Go for extending Kustomize 1. So, I'm proposing a new plugin called sign-with-cosign-plugin which helps us to sign all the images within the manifest files for Deployment, DaemonSet, Pod, etc by using cosign 2.

Additional context

We (w/@Dentrax @erkanzileli) are the volunteers to do this issue as well.

Footnotes

  1. Extending Kustomize with Go Plugins

  2. cosign

@developer-guy developer-guy added the kind/feature Categorizes issue or PR as related to a new feature. label Oct 1, 2021
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Oct 1, 2021
@k8s-ci-robot
Copy link
Contributor

@developer-guy: This issue is currently awaiting triage.

SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@KnVerey KnVerey self-assigned this Oct 27, 2021
@KnVerey
Copy link
Contributor

KnVerey commented Nov 11, 2021

I'm glad to hear your interest in extending Kustomize! Please note that all extension mechanisms are still in alpha, and Go plugins are currently slated for deprecation because of the issues described in the docs. If you move forward with this extension, I would encourage you to build it as a container-based KRM function and help us improve that extension development experience with any feedback you may have.

You can find more information on the vision for Kustomize extensions in this provisional KEP: kubernetes/enhancements#2953.

Since this would be an extension, I don't think we need to keep a tracking issue open on this repo. Please reopen if I've misunderstood.
/close

@k8s-ci-robot
Copy link
Contributor

@KnVerey: Closing this issue.

In response to this:

I'm glad to hear your interest in extending Kustomize! Please note that all extension mechanisms are still in alpha, and Go plugins are currently slated for deprecation because of the issues described in the docs. If you move forward with this extension, I would encourage you to build it as a container-based KRM function and help us improve that extension development experience with any feedback you may have.

You can find more information on the vision for Kustomize extensions in this provisional KEP: kubernetes/enhancements#2953.

Since this would be an extension, I don't think we need to keep a tracking issue open on this repo. Please reopen if I've misunderstood.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@KnVerey KnVerey

Labels
kind/feature Categorizes issue or PR as related to a new feature. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@KnVerey @developer-guy @k8s-ci-robot