STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

5446 commits

Author SHA1 Message Date
Meredith Lancaster
bb1584b52a comment 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-01 09:02:56 -06:00
Meredith Lancaster
a6d15b4f60 update OIDC issuer logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-01 09:02:23 -06:00
Meredith Lancaster
a5eca00d0d remove emtpy string checks 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-01 08:20:32 -06:00
Meredith Lancaster
0fb82a6e7c comments 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 17:11:02 -06:00
Meredith Lancaster
a7a70fc91c check for SAN and SANRegex 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:59:25 -06:00
Meredith Lancaster
50cda0df44 add Valid method for EnforcementCriteria 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:56:49 -06:00
Meredith Lancaster
8336f797ad use sigstore-go certificate.Summary type for criteria 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:27:21 -06:00
Meredith Lancaster
9f3d00960c keep comment 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:16:09 -06:00
Meredith Lancaster
a81cb730fc update VerifyCertExtensions args 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:14:28 -06:00
Meredith Lancaster
e6d0a067e6
Update pkg/cmd/attestation/verification/extensions.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-10-31 16:09:45 -06:00
Meredith Lancaster
7948ce4dc9 rename function 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:09:08 -06:00
Meredith Lancaster
6f4b5ddc40 remove artifact from EnforcementCriteria 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 16:07:25 -06:00
Phill MV
ea59132d38 more wip poking around, now with table printing 2024-10-31 17:02:46 -04:00
Meredith Lancaster
23374d8c62 undo sigstore verify result handling changes for now 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 12:49:01 -06:00
Meredith Lancaster
4bd46334ff return the last verification error for now 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 12:38:37 -06:00
Meredith Lancaster
56731c9b70 remove unneeded result handling struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 12:26:06 -06:00
Meredith Lancaster
26e04932f2 split out individual sigstore verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:59:32 -06:00
Meredith Lancaster
3e90628abb add test for sigstore monotonic verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:23:15 -06:00
Meredith Lancaster
d29a4a751a update extension verification logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:44:36 -06:00
Meredith Lancaster
97262d8ce7 add test case for monotonic verification success 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:25:45 -06:00
Meredith Lancaster
01f63c5cc3 clean up unneeded struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:08:05 -06:00
Meredith Lancaster
9cdeb31fc6 reorganize funcs 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 08:32:35 -06:00
Meredith Lancaster
61b60e9430 fix runner setting 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 08:19:33 -06:00
Meredith Lancaster
bb0dcd9db4 fix wrong field settings 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 17:19:15 -06:00
Meredith Lancaster
318bd90356 update extensions tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:21:15 -06:00
Meredith Lancaster
bf4f04f797 Merge branch 'trunk' into attestation-refactor-policy 2024-10-30 16:14:30 -06:00
Meredith Lancaster
84c823c55f clean up extension verification tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:12:57 -06:00
Meredith Lancaster
8b02c43085 add tests for newEnforcementCriteria 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:05:39 -06:00
Meredith Lancaster
1652051fc2
Merge pull request #9825 from malancas/verify-provenance-predicate-by-default 
`gh attestation verify` should only verify provenance attestations by default
 2024-10-30 15:45:18 -06:00
Meredith Lancaster
4fa5f0c5ee update extensions test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:44:53 -06:00
Meredith Lancaster
fa2574c1a8 Merge remote-tracking branch 'upstream/trunk' into attestation-refactor-policy 2024-10-30 15:29:27 -06:00
Meredith Lancaster
93c78a2134 use sigstore specific err 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:28:34 -06:00
Meredith Lancaster
b44c9d3003 undo policy method changes 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:23:50 -06:00
Meredith Lancaster
bb5136007e
Merge pull request #9838 from malancas/attestation-clean-up-tests 
Clean up skipped online tests for `gh attestation verify`
 2024-10-30 13:28:44 -06:00
Andy Feller
3b4301f62a
Merge pull request #9845 from cli/andyfeller/9807-repo-edit-visibility-confirmation 
Require visibility confirmation in `gh repo edit`
 2024-10-30 15:20:51 -04:00
Meredith Lancaster
3378b546da simplify if else logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 12:58:40 -06:00
Andy Feller
3f5fc85e41 Assert stderr for gh repo edit visibility tests 2024-10-30 13:31:00 -04:00
Meredith Lancaster
41c3ba5fa7 drop sigstore instance for now 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 18:19:19 -06:00
Meredith Lancaster
e16b69bd08 cert extension funcs are now policy methods 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 17:27:47 -06:00
Meredith Lancaster
e5b2b09a6e move policy functions into methods 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 16:41:17 -06:00
Meredith Lancaster
704de0cf37 start building a separate policy struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 15:33:24 -06:00
Phill MV
dbbd83c566 wip, gh at inspect will check the signature on the bundle 2024-10-29 14:17:04 -04:00
Meredith Lancaster
384057c2e2 bold all flags in docs 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 11:54:42 -06:00
Meredith Lancaster
271450883e
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-10-29 11:53:28 -06:00
Andy Feller
15b2db9277 Require visibility confirmation in gh repo edit 
This commit modifies interactive and non-interactive behaviors around `gh repo edit` as well as providing greater information about the impact.

1. `--help` usage is expanded to highlight the most significant consequences of changing visibility
1. `--help` usage and interactive experience call out GitHub Docs content that act as source of truth about full consequences of various changes
1. `gh repo edit` interactive experience will require confirmation for any visibility change
1. `gh repo edit` interactive experience will output potential stars and watchers lose regardless of visibility transition
1. `gh repo edit` will require `--visibility` flag to include new `--accept-visibility-change-consequences` flag regardless of interactivity
 2024-10-29 10:25:04 -04:00
Meredith Lancaster
15d7e33ddb update references 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 07:11:51 -06:00
Meredith Lancaster
7bfddec046 fix references 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 07:09:45 -06:00
Meredith Lancaster
efa6fafc47
Update pkg/cmd/attestation/verification/attestation.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-10-29 07:06:23 -06:00
Meredith Lancaster
7598c4a58f organize 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:38:06 -06:00
Meredith Lancaster
f8f3502cac doc updates 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:37:58 -06:00