The frontline support team will be unavailable to answer questions on April 15th and 17th 2019. We will be back soon after. Thank you for your patience and we apologize for any inconvenience!
Using Docker Content Trust with Cromwell
I host the docker images I use for my cromwell analsys on docker hub. I want to make sure that I can trust the images that I pull from docker hub. (To protect against man in the middle attacks, compromised docker hub account, etc). Luckily, docker has something called Content Trust which enables you to cryptographically sign your images. However, this only works when you work with tags (ie
docker pull broadinstitute/genomes-in-the-cloud:2.3-1498756809), but cromwell uses hashes internally.
From a random script.submit:
docker run --rm -v <path> -i broadinstitute/[email protected]:e36609f714e301ee40c632b62422d
Is there a way to use Content Trust with Cromwell? The ability to verify the authenticity of each step of our analysis is very important to us.