We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
After running
ratify verify -c config.json -s mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0 > log.json
the ratify CLI saves the following content to log.json.
ratify
log.json
Warning: Digest should be used instead of tagged reference. The resolved digest may not point to the same signed artifact, since tags are mutable. { "verifierReports": [ { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0", "referenceDigest": "sha256:664dbce8187af59ee9a156b10f1ae66c0ab74b2d356bcce6ae3bfbffc90ddcf2", "artifactType": "application/vnd.cncf.notary.signature", "verifierReports": [ { "isSuccess": false, "message": "Original Error: (Original Error: (valid certificates must be provided, only CA certificates or self-signed signing certificates are supported), Error: verify plugin failure, Code: VERIFY_PLUGIN_FAILURE, Plugin Name: notation, Component Type: verifier, Documentation: https://ratify.dev/docs/troubleshoot/verifier/notation, Detail: failed to verify signature of digest), Error: verify reference failure, Code: VERIFY_REFERENCE_FAILURE, Plugin Name: notation, Component Type: verifier", "name": "notation", "extensions": null } ], "nestedReports": [] }, { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0", "referenceDigest": "sha256:6557162adb2a50ac98b52477ce8959858ba3bafbb94f346fcf764ac0c2aa8346", "artifactType": "application/vnd.in-toto+json", "verifierReports": [], "nestedReports": [] }, { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0", "referenceDigest": "sha256:f281be7185446aa5bd346b3ee859061c95199830cfd42ce289cda2994205076f", "artifactType": "application/spdx+json", "verifierReports": [], "nestedReports": [ { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base@sha256:f281be7185446aa5bd346b3ee859061c95199830cfd42ce289cda2994205076f", "referenceDigest": "sha256:9a330411e967bde20bd41702fa6cdb32ab27183f53cd3a17af3ebac41d3112b2", "artifactType": "application/vnd.cncf.notary.signature", "verifierReports": [ { "isSuccess": false, "message": "Original Error: (Original Error: (valid certificates must be provided, only CA certificates or self-signed signing certificates are supported), Error: verify plugin failure, Code: VERIFY_PLUGIN_FAILURE, Plugin Name: notation, Component Type: verifier, Documentation: https://ratify.dev/docs/troubleshoot/verifier/notation, Detail: failed to verify signature of digest), Error: verify reference failure, Code: VERIFY_REFERENCE_FAILURE, Plugin Name: notation, Component Type: verifier", "name": "notation", "extensions": null } ], "nestedReports": [] } ] }, { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0", "referenceDigest": "sha256:ac86395350279f460c6bc08eb7875583c7365c423ebf9a7ac5a7a0f86f87924e", "artifactType": "application/spdx+json", "verifierReports": [], "nestedReports": [ { "subject": "mcr.microsoft.com/oss/deislabs/ratify-base@sha256:ac86395350279f460c6bc08eb7875583c7365c423ebf9a7ac5a7a0f86f87924e", "referenceDigest": "sha256:d93c4208945899f65c50f03024892a6f106344a0759eb1168e43d497d1582e40", "artifactType": "application/vnd.cncf.notary.signature", "verifierReports": [ { "isSuccess": false, "message": "Original Error: (Original Error: (valid certificates must be provided, only CA certificates or self-signed signing certificates are supported), Error: verify plugin failure, Code: VERIFY_PLUGIN_FAILURE, Plugin Name: notation, Component Type: verifier, Documentation: https://ratify.dev/docs/troubleshoot/verifier/notation, Detail: failed to verify signature of digest), Error: verify reference failure, Code: VERIFY_REFERENCE_FAILURE, Plugin Name: notation, Component Type: verifier", "name": "notation", "extensions": null } ], "nestedReports": [] } ] } ] }
As we can observe, log.json contains a warning line and thus it renders log.json not a JSON object.
Print the warning message in the stderr instead of stdout.
stderr
stdout
N/A
v1.2.0
It is the ratify CLI, not running in k8s.
The text was updated successfully, but these errors were encountered:
susanshi
Successfully merging a pull request may close this issue.
What happened in your environment?
After running
ratify verify -c config.json -s mcr.microsoft.com/oss/deislabs/ratify-base:v1.2.0 > log.json
the
ratify
CLI saves the following content tolog.json
.As we can observe,
log.json
contains a warning line and thus it renderslog.json
not a JSON object.What did you expect to happen?
Print the warning message in the
stderr
instead ofstdout
.What version of Kubernetes are you running?
N/A
What version of Ratify are you running?
v1.2.0
Anything else you would like to add?
It is the
ratify
CLI, not running in k8s.Are you willing to submit PRs to contribute to this bug fix?
The text was updated successfully, but these errors were encountered: