Skip to content

coreos-inc/apostille

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

223 Commits

aposql

aposql

 
 

auth

auth

 
 

bin

bin

 
 

cmd

cmd

 
 

deploy

deploy

 
 

fixtures

fixtures

 
 

integration

integration

 
 

migrations

migrations

 
 

server

server

 
 

servertest

servertest

 
 

storage

storage

 
 

storagetest

storagetest

 
 

vendor

vendor

 
 

.gitignore

.gitignore

 
 

.gitlab-ci.yml

.gitlab-ci.yml

 
 

.gitmodules

.gitmodules

 
 

APOSTILLE_VERSION

APOSTILLE_VERSION

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

build_and_deploy.sh

build_and_deploy.sh

 
 

client.Dockerfile

client.Dockerfile

 
 

glide.lock

glide.lock

 
 

glide.yaml

glide.yaml

 
 

mysql.Dockerfile

mysql.Dockerfile

 
 

postgres.Dockerfile

postgres.Dockerfile

 
 

pr_check.sh

pr_check.sh

 
 

server.Dockerfile

server.Dockerfile

 
 

server.dev.Dockerfile

server.dev.Dockerfile

 
 

signer.Dockerfile

signer.Dockerfile

 
 

test.mem.yml

test.mem.yml

 
 

test.mysql.yml

test.mysql.yml

 
 

test.postgresql.yml

test.postgresql.yml

 
 

wrapdocker

wrapdocker

 
 

Repository files navigation

Apostille

Quay's Image Metadata Signature Service

Apostille acts similarly to a notary server in order to support clients using Docker Content Trust. However, Apostille can expose different chains of trust to clients, and supports non-DCT clients with additional signing features.

Building

make build

Dependency updates

make update-deps
make test-all

Running tests

make test         # unit tests
make integration
make test-all

CI/CD

  1. Test with bin/local-ci.sh
  2. Install yaml, helm, cri plugin
  3. kubectl config use-context <cluster>
  4. Initialize and Login to helm as a user with access to apostille-app
  5. bin/build.sh -> this builds and pushes the images to quay.
  6. bin/deploy-to-staging.sh /path/to/quay-policies-encrypted pushes helm package to quay and deploys it.
  7. bin/deploy-to-prod.sh /path/to/quay-policies-encrypted

If you get a 409 conflict when running one of the deploy scripts, comment out the helm registry push and retry.

About

Quay's Image Signing Service

Topics

security signing containers quay

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

8 watching

Forks

4 forks
Report repository

Releases 3

Beta Latest
Jun 20, 2017
+ 2 releases

Packages

No packages published

Contributors 5

Languages