From f43ec0079bab00cbc2065da7468c6867511818c9 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Tue, 1 Apr 2025 11:52:13 -0600
Subject: [PATCH] add test for predicate type filtering

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 .../verify/verify-with-internal-github-sigstore.sh          | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/integration/attestation-cmd/verify/verify-with-internal-github-sigstore.sh b/test/integration/attestation-cmd/verify/verify-with-internal-github-sigstore.sh
index 647a13a4c..cea3c7228 100644
--- a/test/integration/attestation-cmd/verify/verify-with-internal-github-sigstore.sh
+++ b/test/integration/attestation-cmd/verify/verify-with-internal-github-sigstore.sh
@@ -14,3 +14,9 @@ if ! $ghBuildPath attestation verify "$ghCLIArtifact" --digest-alg=sha256 --owne
     echo "Failed to verify"
     exit 1
 fi
+
+# Try to verify when specifying a predicate type that does not match the attestation
+if $ghBuildPath attestation verify "$ghCLIArtifact" --digest-alg=sha256 --owner=cli --predicate-type=my-custom-predicate-type; then
+    echo "Verification should have failed"
+    exit 1
+fi