From 6ca5e6f18c78b791c2c4f0e65ad949f05f27664a Mon Sep 17 00:00:00 2001 From: Meredith Lancaster Date: Mon, 18 Nov 2024 11:42:39 -0700 Subject: [PATCH] add newlines for additional policy info Signed-off-by: Meredith Lancaster --- pkg/cmd/attestation/verification/policy.go | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/pkg/cmd/attestation/verification/policy.go b/pkg/cmd/attestation/verification/policy.go index e428bd01d..395575574 100644 --- a/pkg/cmd/attestation/verification/policy.go +++ b/pkg/cmd/attestation/verification/policy.go @@ -56,25 +56,24 @@ func (c EnforcementCriteria) BuildPolicyInformation() string { The following policy criteria will be enforced against all attestations: - Attestation predicate type must match %s - Attestation must be signed by a certificate whose OIDC issuer matches %s -- Attestation must be associated with an artifact built in an organization whose URI is %s -` +- Attestation must be associated with an artifact built in an organization whose URI is %s` info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI) if c.Certificate.SourceRepositoryURI != "" { - info += fmt.Sprintf("- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI) + info += fmt.Sprintf("\n- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI) } if c.Certificate.RunnerEnvironment == GitHubRunner { - info += "- Attestation must be signed by a certificate that was generated by a Action workflow executed in a GitHub hosted runner" + info += "\n- Attestation must be signed by a certificate that was generated by a Action workflow executed in a GitHub hosted runner" } if c.SANRegex != "" { - info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex) + info += fmt.Sprintf("\n- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex) } if c.SAN != "" { - info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN) + info += fmt.Sprintf("\n- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN) } return info