Add Notation Quick Start#87
Conversation
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
| export IMAGE=localhost:5000/net-monitor:v1 | ||
| docker build -t $IMAGE https://github.com/wabbit-networks/net-monitor.git#main | ||
| docker push $IMAGE | ||
| notation cert generate-test --default --trust "wabbit-networks-dev" |
There was a problem hiding this comment.
It's not clear what --default and --trust do, and what is wabbit-networks-dev. We can add comments where we want to explain what a particular notation command does.
There was a problem hiding this comment.
This was the quick-start, which is an abbreviated version of: #78
This is the challenge with having required parameters, for good security reasons, while enabling quick-starts.
What would you suggest to keep that balance?
There was a problem hiding this comment.
The other docker commands are straightforward and probably well known to the reader. Where we introduce the notation commands, it would be nice to have a one line comments explaining what the specific command does.
| notation cert generate-test --default --trust "wabbit-networks-dev" | |
| # Generate a test certificate, make it the default for signing, and add it as a trusted identity for verification | |
| notation cert generate-test --default --trust "wabbit-networks-dev" |
| docker build -t $IMAGE https://github.com/wabbit-networks/net-monitor.git#main | ||
| docker push $IMAGE | ||
| notation cert generate-test --default --trust "wabbit-networks-dev" | ||
| notation sign $IMAGE |
There was a problem hiding this comment.
Do we want to demonstrate push/pull signatures from repository?
There was a problem hiding this comment.
notation sign defaults to include push. There are separate apis for generating an offline signature, which we'd cover in a different walkthrough for offline/ephemeral client scenarios.
| docker push $IMAGE | ||
| notation cert generate-test --default --trust "wabbit-networks-dev" | ||
| notation sign $IMAGE | ||
| notation list $IMAGE |
There was a problem hiding this comment.
A comments explaining what this command does will help.
There was a problem hiding this comment.
| notation list $IMAGE | |
| # List the image, and any associated signatures | |
| notation list $IMAGE |
* Add quick-getting started to root readme Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
3 participants
Adds a basic scenario to the root readme.