davejansen/fedora-bootc
1
0
Fork 1
Code Issues 2 Pull Requests Actions 2 Packages Releases Activity

Attempt: Add custom containers-policy.json
Some checks failed
Build container image / Build and push image (push) Failing after 2m12s
Details

Browse Source
This commit is contained in:
Dave Jansen
2025-11-16 14:43:10 +09:00
parent 011fa92cdb
commit 8f80e0f85b
2 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
build_files/build.sh
View File

@@ -5,6 +5,10 @@ set -ouex pipefail
# Copy System Files onto root # Copy System Files onto root
rsync -rvK /ctx/sys_files/ / rsync -rvK /ctx/sys_files/ /
# Copy cosign.pub key into the right location
mkdir -p /etc/pki/containers
cp /ctx/cosign.pub /etc/pki/containers/davejansen.pub
### Install packages ### Install packages
# Packages can be installed from any enabled yum repo on the image. # Packages can be installed from any enabled yum repo on the image.

32
sys_files/usr/etc/containers/policy.json Normal file
View File

@@ -0,0 +1,32 @@
{
"default": [
{
"type": "reject"
}
],
"transports": {
"docker": {
"davejansen.dev": [
{
"type": "sigstoreSigned",
"keyPaths": ["/etc/pki/containers/davejansen.pub"],
"signedIdentity": {
"type": "matchRepository"
}
}
],
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"docker-daemon": {
"": [
{
"type": "insecureAcceptAnything"
}
]
}
}
}