From 91577594dec1478785e058b502506e913767e8dd Mon Sep 17 00:00:00 2001 From: Meredith Lancaster Date: Thu, 14 Nov 2024 10:20:48 -0700 Subject: [PATCH] formatting Signed-off-by: Meredith Lancaster --- pkg/cmd/attestation/verification/policy.go | 16 ++++++++++------ pkg/cmd/attestation/verify/verify.go | 4 ++-- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/pkg/cmd/attestation/verification/policy.go b/pkg/cmd/attestation/verification/policy.go index e77879089..31f383f7f 100644 --- a/pkg/cmd/attestation/verification/policy.go +++ b/pkg/cmd/attestation/verification/policy.go @@ -51,12 +51,15 @@ func (c EnforcementCriteria) Valid() error { } func (c EnforcementCriteria) BuildPolicyInformation() string { - info := fmt.Sprintf(` - The following policy enforcement criteria will be checked against all attestations: - - Attestation predicate type must match %s - - Attestation must be signed by a certificate whose OIDC issuer matches %s - - Attestation must be associated with an artifact built in an organization whose URI is %s - `, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI) + template := + ` +The following policy enforcement criteria will be checked against all attestations: +- Attestation predicate type must match %s +- Attestation must be signed by a certificate whose OIDC issuer matches %s +- Attestation must be associated with an artifact built in an organization whose URI is %s +` + + info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI) if c.Certificate.SourceRepositoryURI != "" { info += fmt.Sprintf("- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI) @@ -69,6 +72,7 @@ func (c EnforcementCriteria) BuildPolicyInformation() string { if c.SANRegex != "" { info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex) } + if c.SAN != "" { info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN) } diff --git a/pkg/cmd/attestation/verify/verify.go b/pkg/cmd/attestation/verify/verify.go index fe5de6f27..82b126dcb 100644 --- a/pkg/cmd/attestation/verify/verify.go +++ b/pkg/cmd/attestation/verify/verify.go @@ -268,7 +268,7 @@ func runVerify(opts *Options) error { attestations = filteredAttestations // print information about the policy that will be enforced against attestations - opts.Logger.Printf(ec.BuildPolicyInformation()) + opts.Logger.Println(ec.BuildPolicyInformation()) sp, err := buildSigstoreVerifyPolicy(ec, *artifact) if err != nil { @@ -288,7 +288,7 @@ func runVerify(opts *Options) error { return err } - opts.Logger.Println(opts.Logger.ColorScheme.Green("āœ“ Verification succeeded!\n")) + opts.Logger.Println(opts.Logger.ColorScheme.Green("\nāœ“ Verification succeeded!\n")) // If an exporter is provided with the --json flag, write the results to the terminal in JSON format if opts.exporter != nil {