Add Signing Process for Windows Installer · kubernetes/minikube#4841

(9 评论) (0 反应) (0 负责人)Go (31,799 star) (5,222 fork)batch import

help wantedkind/featurelifecycle/frozenpackaging/windowspriority/backlogsig/releasesig/security

描述

As of now, whenever the minikube installer is run, the following screen comes up which makes it look as if the executable is malicious to a user -

This also revolves around having infrastructure/process to sign the executables/installers so that they can be verified.

Not sure if we need to have for other operating systems as well.

-Pranav

技术栈: go
领域: securityreleasedevops
议题类型: feature
难度: 4
预计时间: over 1 week
活动状态: stale
清晰度: clear
前置要求: code signing certificateWindows installer toolingGo app build process
新手友好度: 20
研究方向: Investigate existing code signing practices in the minikube repository. Look at the build process for Windows installer in scripts or Makefile. Check if there are any certificates stored securely. Evaluate adding a step to sign the executable during the CI/CD pipeline using a certificate like Azure Key Vault or similar. Coordinate with maintainers about certificate acquisition and cost.