STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

undo regex changes

Browse source 
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster 2025-02-24 10:47:39 -07:00
parent ce87c746b2
commit 37a91ebfdb
1 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
pkg/cmd/attestation/verify/policy.go
View file

@ -56,13 +56,11 @@ func newEnforcementCriteria(opts *Options) (verification.EnforcementCriteria, er
signedRepoRegex := expandToGitHubURLRegex(opts.Tenant, opts.SignerRepo)
c.SANRegex = signedRepoRegex
} else if opts.SignerWorkflow != "" {
validatedWorkflow, err := validateSignerWorkflow(opts.Hostname, opts.SignerWorkflow)
validatedWorkflowRegex, err := validateSignerWorkflow(opts.Hostname, opts.SignerWorkflow)
if err != nil {
return verification.EnforcementCriteria{}, err
}
workflowRegex := fmt.Sprintf("^%s", validatedWorkflow)
c.SANRegex = workflowRegex
c.SANRegex = validatedWorkflowRegex
} else if opts.Repo != "" {
// if the user has not provided the SAN, SANRegex, SignerRepo, or SignerWorkflow options
// then we default to the repo option
@ -157,7 +155,7 @@ func validateSignerWorkflow(hostname, signerWorkflow string) (string, error) {
}
if match {
return fmt.Sprintf("https://%s", signerWorkflow), nil
return fmt.Sprintf("^https://%s", signerWorkflow), nil
}
// if the provided workflow did not match the expect format
@ -166,5 +164,5 @@ func validateSignerWorkflow(hostname, signerWorkflow string) (string, error) {
return "", errors.New("unknown host")
}
return fmt.Sprintf("https://%s/%s", hostname, signerWorkflow), nil
return fmt.Sprintf("^https://%s/%s", hostname, signerWorkflow), nil
}