If I have an image comprised of multiple image layers(read FROM in the Docker files), and I want to sign it with Notary. For the sake of the question, let’s say the root image is from Docker hub. Then the next image is from quay.io then the final image is from ECR and will be pushed there for some weird corporate reason. With docker content trust on, when going to push the final image, is Notary trying to grab signed metadata from all of those registries?
If so, then great, but when pushed, does it consolidate that metadata on the destination registry?
I’m told by Notary contributors that the signer only signs the SHA of the local container which is a composition of the SHAs of the base images. Does the docker client validate base images signed metadata? Or even enforce that base images are signed?