Replies: 1 comment 1 reply
-
|
Hi @Vad1mo!👋 Yes! i think there's definitely value in registry integration as it would make the process transparent to the publisher. We have been currently utilizing copa in 2 stages so far; build time and recurringly in CI pipelines. I think registry approach can automate this even further. One concern for registry approach is validation of the images. However, that can be adressed with testing before deployment (such as automation through dependabot, gitops or other means). |
Beta Was this translation helpful? Give feedback.
-
|
what about giving people a choice of choosing between a patched and non-patched version. People can then use the patch version in test environments to verify if their application continues to run. |
Beta Was this translation helpful? Give feedback.
-
👋 one of the Harbor maintainers here. This might be a crazy idea, wouldn't it be cool if one could patch an image directly in the registry?
I am just wondering if this type of integration would add a lot of value or not, of if it is better if it sits outside in eg. the pipeline.
Beta Was this translation helpful? Give feedback.
All reactions