-
Notifications
You must be signed in to change notification settings - Fork 9
/
metadata.yml
37 lines (37 loc) · 1.44 KB
/
metadata.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["pods"]
operations: ["CREATE", "UPDATE"]
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["replicationcontrollers"]
operations: ["CREATE", "UPDATE"]
- apiGroups: ["apps"]
apiVersions: ["v1"]
resources: ["deployments", "replicasets", "statefulsets", "daemonsets"]
operations: ["CREATE", "UPDATE"]
- apiGroups: ["batch"]
apiVersions: ["v1"]
resources: ["jobs", "cronjobs"]
operations: ["CREATE", "UPDATE"]
mutating: true
contextAware: false
executionMode: kubewarden-wapc
annotations:
# artifacthub specific
io.artifacthub.displayName: Verify Image Signatures
io.artifacthub.resources: Pod
io.artifacthub.keywords: pod, signature, sigstore, trusted
# kubewarden specific
io.kubewarden.policy.ociUrl: ghcr.io/kubewarden/policies/verify-image-signatures
io.kubewarden.policy.title: verify-image-signatures
io.kubewarden.policy.description:
A Kubewarden Policy that verifies all the signatures
of the container images referenced by a Pod
io.kubewarden.policy.author: Kubewarden developers <[email protected]>
io.kubewarden.policy.url: https://github.com/kubewarden/verify-image-signatures
io.kubewarden.policy.source: https://github.com/kubewarden/verify-image-signatures
io.kubewarden.policy.license: Apache-2.0
io.kubewarden.policy.category: Secure supply chain
io.kubewarden.policy.severity: medium