add signed image support

author: seth <[email protected]> 2024-01-25 09:20:49 -0500
committer: seth <[email protected]> 2024-01-25 11:16:13 -0500
commit: 6a0a5b46c633f12ca0e754353b6a6f8818915ed8 (patch)
tree: 92095eb4f4fc0e4c0ccf9ac171fa384d343b578b /config/container-policy.spec
parent: c9e0dd7c15260eb73d59b9996a5a9a17548afd59 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/config/container-policy.spec b/config/container-policy.spec
new file mode 100644
index 0000000..1516dfa
--- /dev/null
+++ b/config/container-policy.spec
@@ -0,0 +1,27 @@
+Name:           getchoo-container-policy
+Version:        0.1
+Release:        %autorelease
+Summary:        getchoo's container signing policy
+License:        MIT
+URL:            https://github.com/getchoo/fedora-oci-images
+BuildArch:      noarch
+
+Source0:        container-policy.tar.gz
+
+%description
+getchoo's container policy for verifying images from ghcr.io/getchoo
+
+%prep
+%autosetup -c -T
+
+%install
+tar -xzf %{SOURCE0} -C %{buildroot} --strip-component=1
+
+%files
+%attr(0644,root,root) %{_exec_prefix}/etc/containers/policy.json
+%attr(0644,root,root) %{_exec_prefix}/etc/containers/registries.d/getchoo.yaml
+%attr(0644,root,root) %{_exec_prefix}/etc/pki/containers/fulcio_v1.crt.pem
+%attr(0644,root,root) %{_exec_prefix}/etc/pki/containers/rekor.pub
+
+%changelog
+%autochangelog
author	seth <[email protected]>	2024-01-25 09:20:49 -0500
committer	seth <[email protected]>	2024-01-25 11:16:13 -0500
commit	6a0a5b46c633f12ca0e754353b6a6f8818915ed8 (patch)
tree	92095eb4f4fc0e4c0ccf9ac171fa384d343b578b /config/container-policy.spec
parent	c9e0dd7c15260eb73d59b9996a5a9a17548afd59 (diff)