|
This is unreleased documentation for Admission Controller 1.30-next. |
OCI registry support for Admission Controller
You distribute your SUSE Security Admission Controller policies as OCI Artifacts using regular Open Container Initiative (OCI) registries.
Admission Controller policy storage is alongside container images. They don’t require extra setup or maintenance other than that needed for regular container images.
|
You can add a registry that works with Admission Controller or correct any registry inaccuracies by using the "Edit this page" button at the bottom of the page |
Projects implementing OCI registries
-
Quay: Supported, but inactive by default in v3.6.
Hosted OCI registries
-
Quay.io. See projects list.
-
Amazon ECR: See here.
-
Google Artifact Registry. See here.
-
Azure Container Registry. See here.
-
Docker Hub. See here.
-
JFrog Artifactory. See here.
Known issues
Docker Hub
Currently, Docker Hub doesn’t support OCI artifacts so can’t be used to store Admission Controller policies. Docker Inc. has announced that Docker Hub will support OCI artifacts in the future.
JFrog
Although JFrog supports OCI artifacts, it’s only partially possible to push to it, when following their specification. Read more here.