added configs

Author: hackeramitkumar

app.js

@@ -7,5 +7,5 @@ app.get('/', (req, res) => {
 
 const port = process.env.PORT || 3000;
 app.listen(port, () => {
-  console.log(`Server running on port ${port}`);
+  console.log(`Server running on port yeas it's running ${port}`);
 });

pod2.yml

@@ -0,0 +1,23 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  labels:
+    app: nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      imagePullSecrets:
+      - name: regcred
+      containers:
+      - name: nginx
+        image: ghcr.io/hackeramitkumar/test5:app2 # NEW VERSION of image
+        ports:
+        - containerPort: 80

policy2.yml

@@ -0,0 +1,53 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: check-image-signature
+  annotations: 
+    policies.kyverno.io/title: Check Image Signature
+    policies.kyverno.io/category: ImageSignature
+    policies.kyverno.io/severity: medium
+    policies.kyverno.io/subject: Pod
+    policies.kyverno.io/minversion: 1.7.0
+    policies.kyverno.io/description: >-
+      Using the Cosign project, OCI images may be signed to ensure supply chain
+      security is maintained. Those signatures can be verified before pulling into
+      a cluster. This policy checks the signature of an image repo called
+      ghcr.io/kyverno/test-verify-image to ensure it has been signed by verifying
+      its signature against the provided public key. This policy serves as an illustration for
+      how to configure a similar rule and will require replacing with your image(s) and keys.
+spec:
+  webhookTimeoutSeconds: 15
+  validationFailureAction: audit
+  background: false
+  rules:
+    - name: verify-image-signature
+      match:
+        resources: {}
+        any:
+          - resources:
+              kinds:
+                - Pod
+              namespaces:
+                - "test"
+      verifyImages:
+        - imageReferences:
+          - "*"
+          mutateDigest: true
+          required: true
+          verifyDigest: true
+          attestors:
+            - entries:
+                - keys:
+                    publicKeys: |
+                      -----BEGIN PUBLIC KEY-----
+                      MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFN8gGjQua2g8N+aLx3Eff+/j5HxL
+                      bV+H2z50/0A4d8XyMUvizPQBtcgei43pqLj1850m3wSwI08z2+6zT1QaEg==
+                      -----END PUBLIC KEY-----
+      # BC: https://github.com/kyverno/kyverno/issues/5738
+      mutate: {}
+      validate: {}
+      exclude:
+        resources: {}
+      generate:
+        clone: {}
+        cloneList: {}