STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

formatting

Browse source 
Signed-off-by: Meredith Lancaster <malancas@github.com>
This commit is contained in:
Meredith Lancaster 2024-11-14 10:20:48 -07:00
parent c7e4411a88
commit 91577594de
2 changed files with 12 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
pkg/cmd/attestation/verification/policy.go
View file

@ -51,12 +51,15 @@ func (c EnforcementCriteria) Valid() error {
}
func (c EnforcementCriteria) BuildPolicyInformation() string {
info := fmt.Sprintf(`
The following policy enforcement criteria will be checked against all attestations:
- Attestation predicate type must match %s
- Attestation must be signed by a certificate whose OIDC issuer matches %s
- Attestation must be associated with an artifact built in an organization whose URI is %s
`, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI)
template :=
`
The following policy enforcement criteria will be checked against all attestations:
- Attestation predicate type must match %s
- Attestation must be signed by a certificate whose OIDC issuer matches %s
- Attestation must be associated with an artifact built in an organization whose URI is %s
`
info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI)
if c.Certificate.SourceRepositoryURI != "" {
info += fmt.Sprintf("- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI)
@ -69,6 +72,7 @@ func (c EnforcementCriteria) BuildPolicyInformation() string {
if c.SANRegex != "" {
info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex)
}
if c.SAN != "" {
info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN)
}

4
pkg/cmd/attestation/verify/verify.go
View file

@ -268,7 +268,7 @@ func runVerify(opts *Options) error {
attestations = filteredAttestations
// print information about the policy that will be enforced against attestations
opts.Logger.Printf(ec.BuildPolicyInformation())
opts.Logger.Println(ec.BuildPolicyInformation())
sp, err := buildSigstoreVerifyPolicy(ec, *artifact)
if err != nil {
@ -288,7 +288,7 @@ func runVerify(opts *Options) error {
return err
}
opts.Logger.Println(opts.Logger.ColorScheme.Green("✓ Verification succeeded!\n"))
opts.Logger.Println(opts.Logger.ColorScheme.Green("\n✓ Verification succeeded!\n"))
// If an exporter is provided with the --json flag, write the results to the terminal in JSON format
if opts.exporter != nil {