Artifacts validation at runtime
Right now, installed artifact are not signed and cannot be validated.
In the future we might want to handle artifacts validation (maybe through hashes) against a configurable authority (like a model, or a repository)
Original issue:
As a user, I want to be able to verify that a given running bus is still the same as the one described in cockpit.
Some ideas of things to check would be:
- structure (see #141 (closed))
- jars signatures
- etc
This also could relies on some functionality of Petals ESB where it would refuse to run if signatures are wrong?
Edited by Pierre Souquet