-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathimages.yaml.example
32 lines (32 loc) · 1.13 KB
/
images.yaml.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# destination configures settings for the destination registry
destination:
# The hostname or IP of the destination registry
registry: 192.168.106.2:5000
# Settings dictating how images are collected
source:
# Enable/disable TLS on source ref fetch
insecure: false
collection:
# image_key specifies an alternate location to check for image names in Pod definitions
# This is useful when mutating webhooks are in place to rewrite image names
image_name_annotation_key: "my.webhook.annotation/[a-zA-Z0-9]+"
# Cosign signature validation settings
cosign_verifiers:
# Registry for verifier
- registry: registry1.dso.mil
# Subpath in registry for verifier
repo: ironbank/*
# Cosign key used to verify signatures
key: /app/ib-cosign.pub
- registry: registry.example.com
repo: foo/bar/baz
key: /app/example-cosign.pub
# Image names to unconditionally exclude from final "images" key
exclude:
- name: docker.io/library/alpine:3
# Images to be synced
images:
- name: docker.io/library/busybox:latest
# Image names to unconditionally include in final "images" key
include:
- name: docker.io/library/nginx:1.23.3