fix: extend container policies

clemak27 · clemak27 · commit 043bb3f819b0 · 2025-11-12T08:09:55.000+01:00
diff --git a/build.sh b/build.sh
@@ -58,13 +58,6 @@ cat << EOF > /etc/containers/policy.json
     }
   ],
   "transports": {
-    "docker-daemon": {
-      "": [
-        {
-          "type": "insecureAcceptAnything"
-        }
-      ]
-    },
     "docker": {
       "ghcr.io/clemak27": [
         {
@@ -75,11 +68,53 @@ cat << EOF > /etc/containers/policy.json
           }
         }
       ],
+      "registry.access.redhat.com": [
+          {
+              "type": "signedBy",
+              "keyType": "GPGKeys",
+              "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+          }
+      ],
+      "registry.redhat.io": [
+          {
+              "type": "signedBy",
+              "keyType": "GPGKeys",
+              "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+          }
+      ],
       "": [
         {
           "type": "insecureAcceptAnything"
         }
       ]
+    },
+    "containers-storage": {
+        "": [
+            {
+                "type": "insecureAcceptAnything"
+            }
+        ]
+    },
+    "docker-daemon": {
+        "": [
+            {
+                "type": "insecureAcceptAnything"
+            }
+        ]
+    },
+    "oci": {
+        "": [
+            {
+                "type": "insecureAcceptAnything"
+            }
+        ]
+    },
+    "oci-archive": {
+        "": [
+            {
+                "type": "insecureAcceptAnything"
+            }
+        ]
     }
   }
 }
