Add image sign
Add an ability to add signature for images.
Related reclass-system change I7d22c5c4570ec6b3cfb5a2346f5efb83d5804222
Related-PROD: PROD-24494
Co-Authored-By: Mykyta Karpin <mkarpin@mirantis.com>
Change-Id: I93905c3dd6f0ed62023fab1d154c47c3716f628c
diff --git a/README.rst b/README.rst
index 33e32c7..cdabcff 100644
--- a/README.rst
+++ b/README.rst
@@ -378,7 +378,7 @@
resources:
v1:
enabled: true
- cloud_name: admin_identity:
+ cloud_name: admin_identity
secrets:
TestSecret:
type: certificate
@@ -387,10 +387,38 @@
payload_content_encoding: base64
payload_path: /tmp/test.crt
encodeb64_payload: true
+ acl:
+ TestSecret:
+ test_user:
+ enabled: True
+
+
+Sign image with barbican
+------------------------
+
+To sign image with given image name, secrect name and user credentials, can be
+used the following pillar:
+
+
+.. code-block:: yaml
+
+ barbican:
+ client:
+ enabled: True
+ signed_images:
+ v1:
+ enabled: true
+ images:
+ TestImage:
+ secret_name: 'TestSecret'
+ cert_key: /etc/test/certs/image.key
+ name: test-image-name
+ cloud_name: admin_identity
+
Enable x509 and ssl communication between Barbican and Galera cluster.
----------------------
+----------------------------------------------------------------------
By default communication between Barbican and Galera is unsecure.
barbican: