cleanup error wrapping
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster
parent
12c7de2559
commit
02a1274eaa
14 changed files with 54 additions and 52 deletions
|
|
@ -31,7 +31,7 @@ func normalizeReference(reference string, pathSeparator rune) (normalized string
|
|||
case strings.HasPrefix(reference, "file://"):
|
||||
uri, err := url.ParseRequestURI(reference)
|
||||
if err != nil {
|
||||
return "", 0, fmt.Errorf("failed to parse reference URI: %w", err)
|
||||
return "", 0, fmt.Errorf("failed to parse reference URI: %v", err)
|
||||
}
|
||||
var path string
|
||||
if pathSeparator == '/' {
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ func CalculateDigestWithAlgorithm(r io.Reader, alg string) (string, error) {
|
|||
}
|
||||
|
||||
if _, err := io.Copy(h, r); err != nil {
|
||||
return "", fmt.Errorf("failed to calculate digest: %w", err)
|
||||
return "", fmt.Errorf("failed to calculate digest: %v", err)
|
||||
}
|
||||
digest := h.Sum(nil)
|
||||
return hex.EncodeToString(digest), nil
|
||||
|
|
|
|||
|
|
@ -10,12 +10,12 @@ import (
|
|||
func digestLocalFileArtifact(filename, digestAlg string) (*DigestedArtifact, error) {
|
||||
data, err := os.Open(filename)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get open local artifact: %w", err)
|
||||
return nil, fmt.Errorf("failed to get open local artifact: %v", err)
|
||||
}
|
||||
defer data.Close()
|
||||
digest, err := digest.CalculateDigestWithAlgorithm(data, digestAlg)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to calculate local artifact digest: %w", err)
|
||||
return nil, fmt.Errorf("failed to calculate local artifact digest: %v", err)
|
||||
}
|
||||
return &DigestedArtifact{
|
||||
URL: fmt.Sprintf("file://%s", filename),
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ func digestContainerImageArtifact(url string, client oci.Client) (*DigestedArtif
|
|||
named, err := reference.Parse(url)
|
||||
if err != nil {
|
||||
// cannot be parsed as a registry reference
|
||||
return nil, fmt.Errorf("artifact %s is not a valid registry reference: %w", url, err)
|
||||
return nil, fmt.Errorf("artifact %s is not a valid registry reference: %v", url, err)
|
||||
}
|
||||
|
||||
digest, err := client.GetImageDigest(named.String())
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ type LiveClient struct {
|
|||
func (c LiveClient) GetImageDigest(imgName string) (*v1.Hash, error) {
|
||||
name, err := c.parseReference(imgName)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create image tag: %w", err)
|
||||
return nil, fmt.Errorf("failed to create image tag: %v", err)
|
||||
}
|
||||
|
||||
// The user must already be authenticated with the container registry
|
||||
|
|
@ -53,7 +53,7 @@ func (c LiveClient) GetImageDigest(imgName string) (*v1.Hash, error) {
|
|||
return nil, accessErr
|
||||
}
|
||||
}
|
||||
return nil, fmt.Errorf("failed to fetch remote image: %w", err)
|
||||
return nil, fmt.Errorf("failed to fetch remote image: %v", err)
|
||||
}
|
||||
|
||||
return &desc.Digest, nil
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func NewDownloadCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Comman
|
|||
}
|
||||
|
||||
if err := runDownload(opts); err != nil {
|
||||
return fmt.Errorf("Failed to download the artifact's bundle(s): %w", err)
|
||||
return fmt.Errorf("Failed to download the artifact's bundle(s): %v", err)
|
||||
}
|
||||
return nil
|
||||
},
|
||||
|
|
@ -111,7 +111,7 @@ func NewDownloadCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Comman
|
|||
func runDownload(opts *Options) error {
|
||||
artifact, err := artifact.NewDigestedArtifact(opts.OCIClient, opts.ArtifactPath, opts.DigestAlgorithm)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to digest artifact: %w", err)
|
||||
return fmt.Errorf("failed to digest artifact: %v", err)
|
||||
}
|
||||
|
||||
opts.Logger.VerbosePrintf("Downloading trusted metadata for artifact %s\n\n", opts.ArtifactPath)
|
||||
|
|
@ -129,12 +129,12 @@ func runDownload(opts *Options) error {
|
|||
fmt.Fprintf(opts.Logger.IO.Out, "No attestations found for %s\n", opts.ArtifactPath)
|
||||
return nil
|
||||
}
|
||||
return fmt.Errorf("failed to fetch attestations: %w", err)
|
||||
return fmt.Errorf("failed to fetch attestations: %v", err)
|
||||
}
|
||||
|
||||
metadataFilePath, err := opts.Store.createMetadataFile(artifact.DigestWithAlg(), attestations)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to write attestation: %w", err)
|
||||
return fmt.Errorf("failed to write attestation: %v", err)
|
||||
}
|
||||
fmt.Fprintf(opts.Logger.IO.Out, "Wrote attestations to file %s.\nAny previous content has been overwritten\n\n", metadataFilePath)
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ func (s *LiveStore) createMetadataFile(artifactDigest string, attestationsResp [
|
|||
|
||||
f, err := os.Create(metadataFilePath)
|
||||
if err != nil {
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to create file: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to create file: %v", err))
|
||||
}
|
||||
|
||||
for _, resp := range attestationsResp {
|
||||
|
|
@ -40,24 +40,24 @@ func (s *LiveStore) createMetadataFile(artifactDigest string, attestationsResp [
|
|||
attBytes, err := json.Marshal(bundle)
|
||||
if err != nil {
|
||||
if err = f.Close(); err != nil {
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file while marshalling JSON: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file while marshalling JSON: %v", err))
|
||||
}
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to marshall attestation to JSON while writing to file: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to marshall attestation to JSON while writing to file: %v", err))
|
||||
}
|
||||
|
||||
withNewline := fmt.Sprintf("%s\n", attBytes)
|
||||
_, err = f.Write([]byte(withNewline))
|
||||
if err != nil {
|
||||
if err = f.Close(); err != nil {
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file while handling write error: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file while handling write error: %v", err))
|
||||
}
|
||||
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to write attestations: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to write attestations: %v", err))
|
||||
}
|
||||
}
|
||||
|
||||
if err = f.Close(); err != nil {
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file after writing attestations: %w", err))
|
||||
return "", errors.Join(ErrAttestationFileCreation, fmt.Errorf("failed to close file after writing attestations: %v", err))
|
||||
}
|
||||
|
||||
return metadataFilePath, nil
|
||||
|
|
|
|||
|
|
@ -68,28 +68,28 @@ func getOrgAndRepo(repoURL string) (string, string, error) {
|
|||
func getAttestationDetail(attr api.Attestation) (AttestationDetail, error) {
|
||||
envelope, err := attr.Bundle.Envelope()
|
||||
if err != nil {
|
||||
return AttestationDetail{}, fmt.Errorf("failed to get envelope from bundle: %w", err)
|
||||
return AttestationDetail{}, fmt.Errorf("failed to get envelope from bundle: %v", err)
|
||||
}
|
||||
|
||||
statement, err := envelope.EnvelopeContent().Statement()
|
||||
if err != nil {
|
||||
return AttestationDetail{}, fmt.Errorf("failed to get statement from envelope: %w", err)
|
||||
return AttestationDetail{}, fmt.Errorf("failed to get statement from envelope: %v", err)
|
||||
}
|
||||
|
||||
var predicate Predicate
|
||||
predicateJson, err := json.Marshal(statement.Predicate)
|
||||
if err != nil {
|
||||
return AttestationDetail{}, fmt.Errorf("failed to marshal predicate: %w", err)
|
||||
return AttestationDetail{}, fmt.Errorf("failed to marshal predicate: %v", err)
|
||||
}
|
||||
|
||||
err = json.Unmarshal(predicateJson, &predicate)
|
||||
if err != nil {
|
||||
return AttestationDetail{}, fmt.Errorf("failed to unmarshal predicate: %w", err)
|
||||
return AttestationDetail{}, fmt.Errorf("failed to unmarshal predicate: %v", err)
|
||||
}
|
||||
|
||||
org, repo, err := getOrgAndRepo(predicate.BuildDefinition.ExternalParameters.Workflow.Repository)
|
||||
if err != nil {
|
||||
return AttestationDetail{}, fmt.Errorf("failed to parse attestation content: %w", err)
|
||||
return AttestationDetail{}, fmt.Errorf("failed to parse attestation content: %v", err)
|
||||
}
|
||||
|
||||
return AttestationDetail{
|
||||
|
|
@ -107,7 +107,7 @@ func getDetailsAsSlice(results []*verification.AttestationProcessingResult) ([][
|
|||
for i, result := range results {
|
||||
detail, err := getAttestationDetail(*result.Attestation)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get attestation detail: %w", err)
|
||||
return nil, fmt.Errorf("failed to get attestation detail: %v", err)
|
||||
}
|
||||
details[i] = []string{detail.RepositoryName, detail.RepositoryID, detail.OrgName, detail.OrgID, detail.WorkflowID}
|
||||
}
|
||||
|
|
@ -120,7 +120,7 @@ func getAttestationDetails(results []*verification.AttestationProcessingResult)
|
|||
for i, result := range results {
|
||||
detail, err := getAttestationDetail(*result.Attestation)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get attestation detail: %w", err)
|
||||
return nil, fmt.Errorf("failed to get attestation detail: %v", err)
|
||||
}
|
||||
details[i] = detail
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ func runInspect(opts *Options) error {
|
|||
|
||||
policy, err := buildPolicy(*artifact)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to build policy: %w", err)
|
||||
return fmt.Errorf("failed to build policy: %v", err)
|
||||
}
|
||||
|
||||
sigstore, err := verification.NewSigstoreVerifier(config, policy)
|
||||
|
|
@ -118,7 +118,7 @@ func runInspect(opts *Options) error {
|
|||
|
||||
res := sigstore.Verify(attestations)
|
||||
if res.Error != nil {
|
||||
return fmt.Errorf("at least one attestation failed to verify against Sigstore: %w", res.Error)
|
||||
return fmt.Errorf("at least one attestation failed to verify against Sigstore: %v", res.Error)
|
||||
}
|
||||
|
||||
opts.Logger.VerbosePrint(opts.Logger.ColorScheme.Green(
|
||||
|
|
@ -129,7 +129,7 @@ func runInspect(opts *Options) error {
|
|||
if opts.exporter != nil {
|
||||
details, err := getAttestationDetails(res.VerifyResults)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get attestation detail: %w", err)
|
||||
return fmt.Errorf("failed to get attestation detail: %v", err)
|
||||
}
|
||||
|
||||
jsonResults := make([]string, len(details))
|
||||
|
|
@ -151,7 +151,7 @@ func runInspect(opts *Options) error {
|
|||
// otherwise, print results in a table
|
||||
details, err := getDetailsAsSlice(res.VerifyResults)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to parse attestation details: %w", err)
|
||||
return fmt.Errorf("failed to parse attestation details: %v", err)
|
||||
}
|
||||
|
||||
headers := []string{"Repo Name", "Repo ID", "Org Name", "Org ID", "Workflow ID"}
|
||||
|
|
@ -165,7 +165,7 @@ func runInspect(opts *Options) error {
|
|||
}
|
||||
|
||||
if err = t.Render(); err != nil {
|
||||
return fmt.Errorf("failed to print output: %w", err)
|
||||
return fmt.Errorf("failed to print output: %v", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ func NewTUFRootVerifyCmd(f *cmdutil.Factory, runF func() error) *cobra.Command {
|
|||
func tufRootVerify(mirror, root string) error {
|
||||
rb, err := os.ReadFile(root)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read root file %s: %w", root, err)
|
||||
return fmt.Errorf("failed to read root file %s: %v", root, err)
|
||||
}
|
||||
opts := verification.GitHubTUFOptions()
|
||||
opts.Root = rb
|
||||
|
|
@ -75,7 +75,7 @@ func tufRootVerify(mirror, root string) error {
|
|||
// sure there is no caching enabled
|
||||
opts.CacheValidity = 0
|
||||
if _, err = tuf.New(opts); err != nil {
|
||||
return fmt.Errorf("failed to create TUF client: %w", err)
|
||||
return fmt.Errorf("failed to create TUF client: %v", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -41,13 +41,13 @@ func GetLocalAttestations(path string) ([]*api.Attestation, error) {
|
|||
case ".json":
|
||||
attestations, err := loadBundleFromJSONFile(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("bundle could not be loaded from JSON file: %w", err)
|
||||
return nil, fmt.Errorf("bundle could not be loaded from JSON file: %v", err)
|
||||
}
|
||||
return attestations, nil
|
||||
case ".jsonl":
|
||||
attestations, err := loadBundlesFromJSONLinesFile(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("bundles could not be loaded from JSON lines file: %w", err)
|
||||
return nil, fmt.Errorf("bundles could not be loaded from JSON lines file: %v", err)
|
||||
}
|
||||
return attestations, nil
|
||||
}
|
||||
|
|
@ -66,7 +66,7 @@ func loadBundleFromJSONFile(path string) ([]*api.Attestation, error) {
|
|||
func loadBundlesFromJSONLinesFile(path string) ([]*api.Attestation, error) {
|
||||
file, err := os.Open(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("could not open file: %w", err)
|
||||
return nil, fmt.Errorf("could not open file: %v", err)
|
||||
}
|
||||
defer file.Close()
|
||||
|
||||
|
|
@ -79,7 +79,7 @@ func loadBundlesFromJSONLinesFile(path string) ([]*api.Attestation, error) {
|
|||
bundle.Bundle = new(protobundle.Bundle)
|
||||
err = bundle.UnmarshalJSON(b)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to unmarshal bundle from JSON: %w", err)
|
||||
return nil, fmt.Errorf("failed to unmarshal bundle from JSON: %v", err)
|
||||
}
|
||||
a := api.Attestation{Bundle: &bundle}
|
||||
attestations = append(attestations, &a)
|
||||
|
|
|
|||
|
|
@ -49,17 +49,17 @@ type SigstoreVerifier struct {
|
|||
func NewSigstoreVerifier(config SigstoreConfig, policy verify.PolicyBuilder) (*SigstoreVerifier, error) {
|
||||
customVerifier, err := newCustomVerifier(config.CustomTrustedRoot)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create custom verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create custom verifier: %v", err)
|
||||
}
|
||||
|
||||
publicGoodVerifier, err := newPublicGoodVerifier()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create Public Good Sigstore verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create Public Good Sigstore verifier: %v", err)
|
||||
}
|
||||
|
||||
ghVerifier, err := newGitHubVerifier()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create GitHub Sigstore verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create GitHub Sigstore verifier: %v", err)
|
||||
}
|
||||
|
||||
return &SigstoreVerifier{
|
||||
|
|
@ -75,7 +75,7 @@ func NewSigstoreVerifier(config SigstoreConfig, policy verify.PolicyBuilder) (*S
|
|||
func (v *SigstoreVerifier) chooseVerifier(b *bundle.ProtobufBundle) (*verify.SignedEntityVerifier, string, error) {
|
||||
verifyContent, err := b.VerificationContent()
|
||||
if err != nil {
|
||||
return nil, "", fmt.Errorf("failed to get bundle verification content: %w", err)
|
||||
return nil, "", fmt.Errorf("failed to get bundle verification content: %v", err)
|
||||
}
|
||||
leafCert, ok := verifyContent.HasCertificate()
|
||||
if !ok {
|
||||
|
|
@ -122,7 +122,7 @@ func (v *SigstoreVerifier) Verify(attestations []*api.Attestation) *SigstoreResu
|
|||
verifier, issuer, err := v.chooseVerifier(apr.Attestation.Bundle)
|
||||
if err != nil {
|
||||
return &SigstoreResults{
|
||||
Error: fmt.Errorf("failed to find recognized issuer from bundle content: %w", err),
|
||||
Error: fmt.Errorf("failed to find recognized issuer from bundle content: %v", err),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -136,7 +136,7 @@ func (v *SigstoreVerifier) Verify(attestations []*api.Attestation) *SigstoreResu
|
|||
))
|
||||
|
||||
return &SigstoreResults{
|
||||
Error: fmt.Errorf("verifying with issuer \"%s\": %w", issuer, err),
|
||||
Error: fmt.Errorf("verifying with issuer \"%s\": %v", issuer, err),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -160,12 +160,12 @@ func newCustomVerifier(trustedRootFilePath string) (*verify.SignedEntityVerifier
|
|||
|
||||
trustedRoot, err := root.NewTrustedRootFromPath(trustedRootFilePath)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create trusted root from file %s: %w", trustedRootFilePath, err)
|
||||
return nil, fmt.Errorf("failed to create trusted root from file %s: %v", trustedRootFilePath, err)
|
||||
}
|
||||
|
||||
gv, err := verify.NewSignedEntityVerifier(trustedRoot, verify.WithSignedTimestamps(1))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create custom verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create custom verifier: %v", err)
|
||||
}
|
||||
|
||||
return gv, nil
|
||||
|
|
@ -175,7 +175,7 @@ func newGitHubVerifier() (*verify.SignedEntityVerifier, error) {
|
|||
opts := GitHubTUFOptions()
|
||||
client, err := tuf.New(opts)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create TUF client: %w", err)
|
||||
return nil, fmt.Errorf("failed to create TUF client: %v", err)
|
||||
}
|
||||
trustedRoot, err := root.GetTrustedRoot(client)
|
||||
if err != nil {
|
||||
|
|
@ -183,7 +183,7 @@ func newGitHubVerifier() (*verify.SignedEntityVerifier, error) {
|
|||
}
|
||||
gv, err := verify.NewSignedEntityVerifier(trustedRoot, verify.WithSignedTimestamps(1))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create GitHub verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create GitHub verifier: %v", err)
|
||||
}
|
||||
|
||||
return gv, nil
|
||||
|
|
@ -192,16 +192,16 @@ func newGitHubVerifier() (*verify.SignedEntityVerifier, error) {
|
|||
func newPublicGoodVerifier() (*verify.SignedEntityVerifier, error) {
|
||||
client, err := tuf.DefaultClient()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create TUF client: %w", err)
|
||||
return nil, fmt.Errorf("failed to create TUF client: %v", err)
|
||||
}
|
||||
trustedRoot, err := root.GetTrustedRoot(client)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get trusted root: %w", err)
|
||||
return nil, fmt.Errorf("failed to get trusted root: %v", err)
|
||||
}
|
||||
|
||||
sv, err := verify.NewSignedEntityVerifier(trustedRoot, verify.WithSignedCertificateTimestamps(1), verify.WithTransparencyLog(1), verify.WithObserverTimestamps(1))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create Public Good verifier: %w", err)
|
||||
return nil, fmt.Errorf("failed to create Public Good verifier: %v", err)
|
||||
}
|
||||
|
||||
return sv, nil
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ import (
|
|||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// This tests that a policy can be built from a valid artifact
|
||||
// Note that policy use is tested in verify_test.go in this package
|
||||
func TestBuildPolicy(t *testing.T) {
|
||||
ociClient := oci.MockClient{}
|
||||
artifactPath := "../test/data/sigstore-js-2.1.0.tgz"
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ func NewVerifyCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Command
|
|||
}
|
||||
|
||||
if err := runVerify(opts); err != nil {
|
||||
return fmt.Errorf("Failed to verify the artifact: %w", err)
|
||||
return fmt.Errorf("Failed to verify the artifact: %v", err)
|
||||
}
|
||||
return nil
|
||||
},
|
||||
|
|
@ -159,7 +159,7 @@ func runVerify(opts *Options) error {
|
|||
|
||||
policy, err := buildVerifyPolicy(opts, *artifact)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to build policy: %w", err)
|
||||
return fmt.Errorf("failed to build policy: %v", err)
|
||||
}
|
||||
|
||||
config := verification.SigstoreConfig{
|
||||
|
|
@ -175,7 +175,7 @@ func runVerify(opts *Options) error {
|
|||
|
||||
sigstoreRes := sv.Verify(attestations)
|
||||
if sigstoreRes.Error != nil {
|
||||
return fmt.Errorf("at least one attestation failed to verify against Sigstore: %w", sigstoreRes.Error)
|
||||
return fmt.Errorf("at least one attestation failed to verify against Sigstore: %v", sigstoreRes.Error)
|
||||
}
|
||||
|
||||
opts.Logger.VerbosePrint(opts.Logger.ColorScheme.Green(
|
||||
|
|
@ -184,7 +184,7 @@ func runVerify(opts *Options) error {
|
|||
|
||||
// Try verifying the attestation's predicate type against the expect SLSA predicate type
|
||||
if err = verifySLSAPredicateType(opts.Logger, sigstoreRes.VerifyResults); err != nil {
|
||||
return fmt.Errorf("at least one attestation failed to verify predicate type verification: %w", err)
|
||||
return fmt.Errorf("at least one attestation failed to verify predicate type verification: %v", err)
|
||||
}
|
||||
|
||||
opts.Logger.VerbosePrint(opts.Logger.ColorScheme.Green("Successfully verified the SLSA predicate type of all attestations!\n"))
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue