Commit 2f7c8c2a authored by Daniel Jiang's avatar Daniel Jiang
Browse files

Check the tag in isArtifactSigned func

This commit ensures that when CLI is pulling a tag, the content trust middleware check the data in notary to ensure the particular tag is signed, not only the digest.
Signed-off-by: default avatarDaniel Jiang <>
parent 316f0349
......@@ -21,6 +21,9 @@ var (
if err != nil {
return false, err
if len(art.Tag) > 0 {
return checker.IsTagSigned(art.Tag, art.Digest), nil
return checker.IsArtifactSigned(art.Digest), nil
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment