talos

mirrors/talos

Fork 0

mirror of https://github.com/siderolabs/talos.git synced 2026-05-05 04:16:21 +02:00

Commit Graph

Author	SHA1	Message	Date
Andrey Smirnov	25e2f37e2b	chore: generate comments for fields in resource proto Update structprotogen to put comments from Go structs into generated .proto files. Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>	2026-04-22 18:02:27 +04:00
Laura Brehm	7f2eb48561	feat: add image verification endpoint Add support for whole machine-wide image verification configuration. Configuration is a set of rules applied top-down to the image reference, each specifying a specific cosign-based identity or static public key claim. Talos provides a machined API to verify an image reference, resolving it to the digest on the way as needed. Talos itself hooks up in the image verification process, while containerd CRI plugin accesses same API via the machined socket. Signed-off-by: Laura Brehm <laurabrehm@hey.com> Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>	2026-03-06 20:06:07 +04:00

Author

SHA1

Message

Date

Andrey Smirnov

25e2f37e2b

chore: generate comments for fields in resource proto

Update structprotogen to put comments from Go structs into generated
.proto files.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

2026-04-22 18:02:27 +04:00

Laura Brehm

7f2eb48561

feat: add image verification endpoint

Add support for whole machine-wide image verification configuration.
Configuration is a set of rules applied top-down to the image reference,
each specifying a specific cosign-based identity or static public key
claim.

Talos provides a machined API to verify an image reference, resolving it
to the digest on the way as needed.

Talos itself hooks up in the image verification process, while
containerd CRI plugin accesses same API via the machined socket.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

2026-03-06 20:06:07 +04:00

2 Commits