Add Signing Process for Windows Installer · kubernetes/minikube#4841

(9 留言) (0 反應) (0 負責人)Go (31,799 star) (5,222 fork)batch import

help wantedkind/featurelifecycle/frozenpackaging/windowspriority/backlogsig/releasesig/security

描述

As of now, whenever the minikube installer is run, the following screen comes up which makes it look as if the executable is malicious to a user -

This also revolves around having infrastructure/process to sign the executables/installers so that they can be verified.

Not sure if we need to have for other operating systems as well.

-Pranav

技術棧: go
領域: securityreleasedevops
議題類型: feature
難度: 4
預計時間: over 1 week
活動狀態: stale
清晰度: clear
前置要求: code signing certificateWindows installer toolingGo app build process
新手友善度: 20
研究方向: Investigate existing code signing practices in the minikube repository. Look at the build process for Windows installer in scripts or Makefile. Check if there are any certificates stored securely. Evaluate adding a step to sign the executable during the CI/CD pipeline using a certificate like Azure Key Vault or similar. Coordinate with maintainers about certificate acquisition and cost.