Skip to content

Commit

Permalink
mod: add gh issue link for n-version support
Browse files Browse the repository at this point in the history
  • Loading branch information
duffney committed Aug 26, 2024
1 parent d9bc6cc commit 1ed68e9
Showing 1 changed file with 1 addition and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ Samples:
- Ratify supports periodic refresh and polling of certificates/keys from Azure Key Vault. The `refreshInterval` field can be set to a time duration to refresh the certificates/keys. When no version of the certificate or key is specified, the latest version will be fetched and the resource will be updated. However, if a version is specified, the resource will be locked to that version and will not be updated.

- If the `refreshInterval` is set, verification may fail if the artifact being verified is signed with an older version of the certificate/key even if the older version is still valid/enabled. This is because Ratify only uses the latest stored certificate/key for verification. However, support n-versions of certificates/keys is planned in future releases.
- If the `refreshInterval` is set, verification may fail if the artifact being verified is signed with an older version of the certificate/key even if the older version is still valid/enabled. This is because Ratify only uses the latest stored certificate/key for verification. However, [support n-versions of certificates/keys](https://github.com/ratify-project/ratify/issues/1751) is planned in future releases.

- If `keys` are configured, the managed identity with `clientID` specified MUST be assigned the correct permissions to list, view, and download keys in the configured Key Vault.

Expand Down

0 comments on commit 1ed68e9

Please sign in to comment.