STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use github owned oci image

Browse source 
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster 2024-12-06 08:32:16 -07:00
parent 7e69c0d4ab
commit 67798b06c0
2 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pkg/cmd/attestation/verify/verify_integration_test.go
View file

@ -115,15 +115,15 @@ func TestVerifyIntegration(t *testing.T) {
t.Run("with bundle from OCI registry", func(t *testing.T) {
opts := Options{
APIClient: api.NewLiveClient(hc, host, logger),
ArtifactPath: "oci://ghcr.io/malancas/attest-demo:latest",
ArtifactPath: "oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9",
UseBundleFromRegistry: true,
DigestAlgorithm: "sha256",
Logger: logger,
OCIClient: oci.NewLiveClient(),
OIDCIssuer: verification.GitHubOIDCIssuer,
Owner: "malancas",
Owner: "github",
PredicateType: verification.SLSAPredicateV1,
SANRegex: "^https://github.com/malancas/",
SANRegex: "^https://github.com/github/",
SigstoreVerifier: verification.NewLiveSigstoreVerifier(sigstoreConfig),
}

6
test/integration/attestation-cmd/verify-oci-bundle.sh
View file

@ -7,8 +7,8 @@ rootDir="$(git rev-parse --show-toplevel)"
ghBuildPath="$rootDir/bin/gh"
# Verify an OCI artifact with bundles stored on the GHCR OCI registry
echo "Testing with OCI image ghcr.io/malancas/attest-demo:latest with the --bundle-from-oci flag"
if ! $ghBuildPath attestation verify oci://ghcr.io/malancas/attest-demo:latest --owner=malancas --bundle-from-oci; then
echo "Failed to verify oci://ghcr.io/malancas/attest-demo:latest with bundles from the GHCR OCI registry"
echo "Testing with OCI image ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 with the --bundle-from-oci flag"
if ! $ghBuildPath attestation verify oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 --owner=github --bundle-from-oci; then
echo "Failed to verify oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller:v0.10.0-github9 with bundles from the GHCR OCI registry"
exit 1
fi