STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

check correct cmd

Browse source 
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster 2024-03-12 17:25:38 -06:00
parent 3ee14bbcb8
commit 658fab208d
1 changed files with 2 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
test/integration/attestation-cmd/download-and-verify-package-attestation.sh
View file

@ -20,16 +20,14 @@ curl -s "$packageURL" -o "$packageFile"
curl -s "$attestationURL" | jq '.attestations[1].bundle' > "$attestationFile"
# Verify the package with the --owner flag
$ghBuildPath attestation verify "$packageFile" -b "$attestationFile" --digest-alg=sha512 --owner=sigstore
if ! mycmd; then
if ! $ghBuildPath attestation verify "$packageFile" -b "$attestationFile" --digest-alg=sha512 --owner=sigstore; then
# cleanup test data
echo "Failed to verify package with --owner flag"
rm "$packageFile" "$attestationFile"
exit 1
fi
$ghBuildPath attestation verify "$packageFile" -b "$attestationFile" --digest-alg=sha512 --repo=sigstore/sigstore-js
if ! mycmd; then
if ! $ghBuildPath attestation verify "$packageFile" -b "$attestationFile" --digest-alg=sha512 --repo=sigstore/sigstore-js; then
# cleanup test data
echo "Failed to verify package with --repo flag"
rm "$packageFile" "$attestationFile"