diff --git a/pkg/cmd/attestation/verification/mock_verifier.go b/pkg/cmd/attestation/verification/mock_verifier.go index c5560743b..e22142ed5 100644 --- a/pkg/cmd/attestation/verification/mock_verifier.go +++ b/pkg/cmd/attestation/verification/mock_verifier.go @@ -18,7 +18,7 @@ type MockSigstoreVerifier struct { func (v *MockSigstoreVerifier) Verify(attestations []*api.Attestation, policy verify.PolicyBuilder) *SigstoreResults { statement := &in_toto.Statement{} - statement.PredicateType = SLSAPredicateType + statement.PredicateType = SLSAPredicateV1 result := AttestationProcessingResult{ Attestation: &api.Attestation{ diff --git a/pkg/cmd/attestation/verify/verify.go b/pkg/cmd/attestation/verify/verify.go index fbe4591cc..bf0f6191d 100644 --- a/pkg/cmd/attestation/verify/verify.go +++ b/pkg/cmd/attestation/verify/verify.go @@ -184,7 +184,7 @@ func NewVerifyCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Command verifyCmd.Flags().StringVarP(&opts.Repo, "repo", "R", "", "Repository name in the format /") verifyCmd.MarkFlagsMutuallyExclusive("owner", "repo") verifyCmd.MarkFlagsOneRequired("owner", "repo") - verifyCmd.Flags().StringVarP(&opts.PredicateType, "predicate-type", "", verification.SLSAPredicateType, "Filter attestations by provided predicate type") + verifyCmd.Flags().StringVarP(&opts.PredicateType, "predicate-type", "", verification.SLSAPredicateV1, "Filter attestations by provided predicate type") verifyCmd.Flags().BoolVarP(&opts.NoPublicGood, "no-public-good", "", false, "Do not verify attestations signed with Sigstore public good instance") verifyCmd.Flags().StringVarP(&opts.TrustedRoot, "custom-trusted-root", "", "", "Path to a trusted_root.jsonl file; likely for offline verification") verifyCmd.Flags().IntVarP(&opts.Limit, "limit", "L", api.DefaultLimit, "Maximum number of attestations to fetch") diff --git a/pkg/cmd/attestation/verify/verify_test.go b/pkg/cmd/attestation/verify/verify_test.go index f2627120d..1a787ccf4 100644 --- a/pkg/cmd/attestation/verify/verify_test.go +++ b/pkg/cmd/attestation/verify/verify_test.go @@ -74,7 +74,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, wantsErr: true, @@ -90,7 +90,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -107,7 +107,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://foo.ghe.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -124,7 +124,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -141,7 +141,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -157,7 +157,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -173,7 +173,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, Repo: "sigstore/sigstore-js", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -189,7 +189,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -205,7 +205,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 101, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -221,7 +221,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 0, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -237,7 +237,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SAN: "https://github.com/sigstore/", SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), @@ -255,7 +255,7 @@ func TestNewVerifyCmd(t *testing.T) { Limit: 30, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "(?i)^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }, @@ -363,7 +363,7 @@ func TestJSONOutput(t *testing.T) { OCIClient: oci.MockClient{}, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), exporter: cmdutil.NewJSONExporter(), @@ -387,7 +387,7 @@ func TestRunVerify(t *testing.T) { OCIClient: oci.MockClient{}, OIDCIssuer: verification.GitHubOIDCIssuer, Owner: "sigstore", - PredicateType: verification.SLSAPredicateType, + PredicateType: verification.SLSAPredicateV1, SANRegex: "^https://github.com/sigstore/", SigstoreVerifier: verification.NewMockSigstoreVerifier(t), }