From 08a66f5383de973d62bbf25cd95971d55a058513 Mon Sep 17 00:00:00 2001 From: Meredith Lancaster Date: Tue, 19 Nov 2024 14:26:15 -0700 Subject: [PATCH] wording Signed-off-by: Meredith Lancaster --- pkg/cmd/attestation/verification/policy.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkg/cmd/attestation/verification/policy.go b/pkg/cmd/attestation/verification/policy.go index b530fba5c..d4976ab47 100644 --- a/pkg/cmd/attestation/verification/policy.go +++ b/pkg/cmd/attestation/verification/policy.go @@ -54,24 +54,24 @@ func (c EnforcementCriteria) BuildPolicyInformation() string { template := ` The following policy criteria will be enforced against all attestations: -- Attestation predicate type must match %s -- Attestation's signing certificate must have an OIDC issuer matching %s -- Attestation must be associated with an artifact built in an organization whose URI is %s` +- Predicate type must match %s +- Signing certificate's OIDC issuer must match %s +- Artifact must be built in an organization whose URI is %s` info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI) if c.Certificate.SourceRepositoryURI != "" { - info += fmt.Sprintf("\n- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI) + info += fmt.Sprintf("\n- Artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI) } if c.Certificate.RunnerEnvironment == GitHubRunner { - info += "\n- Attestation must be generated by an Action workflow executed in a GitHub hosted runner" + info += "\n- Attestation must have been generated by an Action workflow executed in a GitHub hosted runner" } if c.SAN != "" { - info += fmt.Sprintf("\n- Attestation's signing certificate must have a Subject Alternative Name matching the exact value %s", c.SAN) + info += fmt.Sprintf("\n- Signing certificate must have a Subject Alternative Name matching the exact value %s", c.SAN) } else if c.SANRegex != "" { - info += fmt.Sprintf("\n- Attestation's signing certificate must have a Subject Alternative Name matching the regex %s", c.SANRegex) + info += fmt.Sprintf("\n- Signing certificate must have a Subject Alternative Name matching the regex %s", c.SANRegex) } return info