Our staff will be observing the holiday and will be unavailable from 22nd to 25th November. This will cause a delay in reaching out to you and answering your questions immediately. Rest assured we will get back to it on Monday November 26th. We are grateful for your support and patience.
Have a great holiday everyone!!!
Using Docker Content Trust with Cromwell
I host the docker images I use for my cromwell analsys on docker hub. I want to make sure that I can trust the images that I pull from docker hub. (To protect against man in the middle attacks, compromised docker hub account, etc). Luckily, docker has something called Content Trust which enables you to cryptographically sign your images. However, this only works when you work with tags (ie
docker pull broadinstitute/genomes-in-the-cloud:2.3-1498756809), but cromwell uses hashes internally.
From a random script.submit:
docker run --rm -v <path> -i broadinstitute/[email protected]:e36609f714e301ee40c632b62422d
Is there a way to use Content Trust with Cromwell? The ability to verify the authenticity of each step of our analysis is very important to us.