Skip to content

Add policy-controller annotations docs #127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
elfotografo007 wants to merge 3 commits into from
Closed

Add policy-controller annotations docs #127

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e4cfb77
Include coment about policy-controller annotations
Apr 13, 2023
81462f1
Revert "Include coment about policy-controller annotations"
Apr 17, 2023
e1a5cdb
Improve annotations docs
Apr 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions content/en/policy-controller/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -999,3 +999,14 @@ and TrustRoot. We will fix this in a newer API version, but can't do it without
reving the API version due to backwards compatibility. In CIP the ctLog refers
to Rekor, which in TrustRoot was correctly named `tLog`. Whereas in TrustRoot
the `ctLog` correctly refers to the `Certificate Transparency Log`.

## Enabling annotations

The policy-controller can be configured to write the results of the policy
validation as an annotation. The validation results are stored in a resource
annotation with key `policy.sigstore.dev/policy-controller-results`.

This behavior can be configured using the `config-policy-controller` ConfigMap
created under the release namespace (by default `cosign-system`), and by adding
an entry with the property `annotate-validation-results` and its value `false|true`.
The default is `false`.