STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update pkg/cmd/attestation/verify/verify.go

Browse source 
Co-authored-by: Andy Feller <andyfeller@github.com>
This commit is contained in:
Phill MV 2024-06-24 13:33:10 -04:00 committed by GitHub
parent c25dacc33e
commit c9f9fac7dc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
pkg/cmd/attestation/verify/verify.go
View file

@ -58,8 +58,8 @@ func NewVerifyCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Command
To see the full results that are generated upon successful verification, i.e.
for use with a policy engine, provide the %[1]s--format=json%[1]s flag.
The signer workflow's identity is validated against the attestation's
certificate's Subject Alternative Name (SAN). Often, the signer workflow is the
The signer workflow's identity is validated against the Subject Alternative Name (SAN)
within the attestation certificate. Often, the signer workflow is the
same workflow that started the run and generated the attestation, and will be
located inside your repository. For this reason, by default this command uses
either the %[1]s--repo%[1]s or the %[1]s--owner%[1]s flag value to validate the SAN.