Enable Content Trust checking when pulling lambci/lambda images #6992
Conversation
Thank you @mhart !
Can you ensure that tests are also updated, and that the file matches prettier formatting.
For proposed change CI status failed.
This ensures that the images are signed correctly: https://docs.docker.com/v17.09/engine/security/trust/content_trust/
Codecov Report
@@           Coverage Diff           @@
##           master    #6992   +/-   ##
=======================================
  Coverage   88.43%   88.43%
=======================================
  Files         229      229
  Lines        8420     8420
=======================================
  Hits         7446     7446
  Misses        974      974
Continue to review full report at Codecov.
Hey @mhart thanks for working on this! 👍
I just tested it and it works fine. I'm not all too familiar with Docker internals. Would this be a breaking change or will this flag be ignored if old Docker versions don't support this (if that's an option)? Just want to make sure that this is non-breaking for anyone.
Other than that I'd say it's GTM
Just looked into this again. Apparently content trust was introduced in Docker Engine 1.8 which was released in 2015, long before we added Docker support for invoke local, so we should be fine here.
Merging...
What did you implement
Added the --disable-content-trust=false flag to the docker pull command to ensure that images are signed correctly (lambci/lambda images are now signed): https://docs.docker.com/v17.09/engine/security/trust/content_trust/
How can we verify it
Run invoke local with the docker option
Todos
You could potentially add an option for this in case people don't want to check signed images...? Not sure why they'd want that.
The other way to implement it would be to set DOCKER_CONTENT_TRUST=1 in the environment that you spawn the Docker command with. Not sure if you'd prefer that either.
Is this ready for review?: YES
Is it a breaking change?: NO