96 lines
3 KiB
JSON
96 lines
3 KiB
JSON
|
{
|
||
|
"default": [
|
||
|
{
|
||
|
"type": "reject"
|
||
|
}
|
||
|
],
|
||
|
"transports": {
|
||
|
"dir": {
|
||
|
"": [
|
||
|
{
|
||
|
"type": "insecureAcceptAnything"
|
||
|
}
|
||
|
]
|
||
|
},
|
||
|
"docker": {
|
||
|
"example.com/playground": [
|
||
|
{
|
||
|
"type": "insecureAcceptAnything"
|
||
|
}
|
||
|
],
|
||
|
"example.com/production": [
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "GPGKeys",
|
||
|
"keyPath": "/keys/employee-gpg-keyring"
|
||
|
}
|
||
|
],
|
||
|
"example.com/hardened": [
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "GPGKeys",
|
||
|
"keyPath": "/keys/employee-gpg-keyring",
|
||
|
"signedIdentity": {
|
||
|
"type": "matchRepository"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "signedByGPGKeys",
|
||
|
"keyPath": "/keys/public-key-signing-gpg-keyring",
|
||
|
"signedIdentity": {
|
||
|
"type": "matchExact"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "signedBaseLayer",
|
||
|
"baseLayerIdentity": {
|
||
|
"type": "exactRepository",
|
||
|
"dockerRepository": "registry.access.redhat.com/rhel7/rhel"
|
||
|
}
|
||
|
}
|
||
|
],
|
||
|
"example.com/hardened-x509": [
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "X509Certificates",
|
||
|
"keyPath": "/keys/employee-cert-file",
|
||
|
"signedIdentity": {
|
||
|
"type": "matchRepository"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "signedByX509CAs",
|
||
|
"keyPath": "/keys/public-key-signing-ca-file"
|
||
|
}
|
||
|
],
|
||
|
"registry.access.redhat.com": [
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "signedByGPGKeys",
|
||
|
"keyPath": "/keys/RH-key-signing-key-gpg-keyring",
|
||
|
"signedIdentity": {
|
||
|
"type": "matchRepoDigestOrExact"
|
||
|
}
|
||
|
}
|
||
|
],
|
||
|
"bogus/key-data-example": [
|
||
|
{
|
||
|
"type": "signedBy",
|
||
|
"keyType": "signedByGPGKeys",
|
||
|
"keyData": "bm9uc2Vuc2U="
|
||
|
}
|
||
|
],
|
||
|
"bogus/signed-identity-example": [
|
||
|
{
|
||
|
"type": "signedBaseLayer",
|
||
|
"baseLayerIdentity": {
|
||
|
"type": "exactReference",
|
||
|
"dockerReference": "registry.access.redhat.com/rhel7/rhel:latest"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
}
|
||
|
}
|