Zach Steindler
caf0546a11
Just base verification policy on trusted root, not bundle
...
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-24 11:02:53 -04:00
Zach Steindler
d9f7b922d0
Support offline mode for gh attestation verify
...
The main change is previously we always instantiated a TUF client for
the public good and GitHub Sigstore instances. Now we only instantiate
the TUF client we need, or no client if we are provided a
custom trusted root.
Note that `gh attestation verify` still requires authentication; that is
being addressed in https://github.com/cli/cli/pull/8995 .
Some other changes are coming along for the ride:
- Set TUF cache validity to 1 day, to help serial verification
- Attempt to infer verification policy based on custom trusted root
- Make command output more friendly if you leave off required arguments
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-24 10:24:23 -04:00
Meredith Lancaster
e30dd40c9e
gh attestation tuf-root-verify offline test fix (#8975)
...
* pass TUF client constructor as an argument for offline unit testing
Signed-off-by: Meredith Lancaster <malancas@github.com>
* update func name
Signed-off-by: Meredith Lancaster <malancas@github.com>
* simplify naming
Signed-off-by: Meredith Lancaster <malancas@github.com>
* pr feedback, rename type
Signed-off-by: Meredith Lancaster <malancas@github.com>
---------
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-04-23 07:54:45 -06:00
Kaan Uzdoğan
18d8079d6f
Update create.go
2024-04-22 17:59:03 +02:00
Kaan Uzdoğan
4090f0488f
Add --latest=false to gh release create docs
2024-04-22 17:52:27 +02:00
Stanislav Ochotnický
4aa18a9b9a
Make it clearer that job flag is meant to be an ID
2024-04-17 13:53:55 +02:00
Stanislav Ochotnický
40be4b366c
Ignore run-id when providing also job for rerun
...
This makes the behaviour consistent with gh run view.
2024-04-17 13:49:16 +02:00
William Martin
fd4f2c9c1f
Merge pull request #8620 from heaths/merge-json
...
Merge JSON responses from `gh api`
2024-04-17 11:45:13 +02:00
Heath Stewart
2758b80013
Remove unnecessary --help comment
2024-04-15 21:38:16 -07:00
Babak K. Shandiz
cfb0590d00
Merge branch 'trunk' into 8426-add-pr-update-cmd-no-local-update
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-14 12:26:21 +01:00
Babak K. Shandiz
07f954229f
Add test to verify --repo requires non-empty selector
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-14 12:25:35 +01:00
Babak K. Shandiz
f85d0ebaed
Require non-empty selector when --repo override is used
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-14 12:25:01 +01:00
Babak K. Shandiz
1992fdeb1a
Use filepath.Join to support different platforms
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-14 00:09:53 +01:00
Babak K. Shandiz
f05a5ccb6b
Merge branch 'trunk' into 8508-add-skip-ssh-key-option
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-13 21:17:16 +01:00
Babak K. Shandiz
a269032fd3
Refactor into table tests
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-13 21:13:12 +01:00
Babak K. Shandiz
2c6343ad56
Explain --skip-ssh-key usage in long doc
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-13 15:47:44 +01:00
Andy Feller
a42450e9a3
Merge pull request #8949 from steiza/steiza/multi-attestation
...
Add support to `attestation` command for more predicate types.
2024-04-12 11:12:59 -04:00
Meredith Lancaster
02158e896b
Fix attestation cmd offline unit test failure (#8933)
...
* pass policy to Verify method
Signed-off-by: Meredith Lancaster <malancas@github.com>
* remove policy argument from SigstoreVerifier constructor
Signed-off-by: Meredith Lancaster <malancas@github.com>
* add SigstoreVerifier interface and introduce mock SigstoreVerifier struct for unit testing
Signed-off-by: Meredith Lancaster <malancas@github.com>
* gofmt
Signed-off-by: Meredith Lancaster <malancas@github.com>
* rename LiveSigstoreVerifier constructor
Signed-off-by: Meredith Lancaster <malancas@github.com>
* pr feedback, add todos for tests that need to be reimplemented
Signed-off-by: Meredith Lancaster <malancas@github.com>
* remove unused import
Signed-off-by: Meredith Lancaster <malancas@github.com>
* add more missing TODO statements
Signed-off-by: Meredith Lancaster <malancas@github.com>
* update skipped test
Signed-off-by: Meredith Lancaster <malancas@github.com>
---------
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-04-11 18:09:10 -06:00
Babak K. Shandiz
9230b0c60e
Register update command
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-10 19:21:20 +01:00
Babak K. Shandiz
a81cf0b89e
Add tests for pr update command
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-10 19:20:59 +01:00
Babak K. Shandiz
a828e05baa
Add pr update command
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-10 19:20:44 +01:00
Zach Steindler
f0a1e2707c
Change subcommands default to be more user friendly
...
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-10 10:11:33 -04:00
Zach Steindler
2b293c4840
Add unit test, update naming, ensure DSSE envelope is in-toto
...
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-10 09:49:34 -04:00
Zach Steindler
c96fb7c553
Updates from linter feedback
...
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-09 17:34:45 -04:00
Zach Steindler
643f4031b2
Add support to attestation command for more predicate types.
...
Before, we required all attestations have predicateType
https://slsa.dev/provenance/v1 . This allows you to use other predicate
types, and adds the ability to filter responses from the API for a
particular predicate type.
Signed-off-by: Zach Steindler <steiza@github.com>
2024-04-09 17:26:32 -04:00
Andy Feller
88a7e529ab
Merge pull request #8762 from Ebonsignori/8761/allow-multiple-items-in-nested-array
...
allow multiple items in nested array
2024-04-09 14:23:19 -04:00
Andy Feller
6a55528882
Merge pull request #8899 from babakks/8679-include-num-selected-repos
...
Include `numSelectedRepos` in JSON output of `gh secret list`
2024-04-09 13:18:50 -04:00
William Martin
61584b83cb
Close zip file in run view tests
2024-04-08 16:50:43 +02:00
William Martin
bbeccd69ad
Ensure run log cache creates cache dir if it doesn't exist
2024-04-08 15:51:29 +02:00
Babak K. Shandiz
8839ee7ddf
Test --skip-ssh-key is captured correctly
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-06 13:11:02 +01:00
Babak K. Shandiz
0a77c56c44
Add test to verify skipped SSH key prompts
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-06 12:47:09 +01:00
Babak K. Shandiz
cf9699bbbb
Add --skip-ssh-key to options
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-06 12:46:05 +01:00
Babak K. Shandiz
3a3450fec5
Add SkipSSHKey field to LoginOptions
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-06 12:45:26 +01:00
Andy Feller
b722dd4151
Add tests for non-happy field paths
...
This commit has a suite of tests around different combinations of `gh api` field scenarios that result in errors.
In the course of creating this test, there were 2 scenarios that did not raise an error as expected involving overriding an existing map value.
2024-04-05 17:21:28 -04:00
William Martin
9738d68bba
Fix api cache test
2024-04-05 16:47:29 +02:00
William Martin
b6239238c8
Merge pull request #8931 from cli/wm/run-log-cache-stronger-abstraction
...
Create stronger run log cache abstraction
2024-04-05 16:00:28 +02:00
William Martin
c2aee1e402
Ensure cache dir is always available in RunLogCache
2024-04-05 15:39:33 +02:00
William Martin
103586a94c
Remove RunLogCache interface
2024-04-05 15:33:49 +02:00
William Martin
a3ffc1ca33
Use real Run Log Cache in run view tests
2024-04-05 15:18:18 +02:00
William Martin
e644dc50d6
Capture error on Run Log Cache Exists
2024-04-05 15:16:12 +02:00
Andy Feller
b0a3975948
Merge pull request #8882 from zdrve/zdrve/job-name-prefix
...
Anchor the log filename to the start
2024-04-05 09:11:50 -04:00
William Martin
a89d50fc63
Rework Run Log Cache so that cache dir is injected
2024-04-05 14:59:24 +02:00
Andy Feller
1540a37fee
Merge branch 'trunk' into fix-cannot-lock-pr-url
2024-04-05 08:13:44 -04:00
Babak K. Shandiz
d034a69164
Add comment to explain showSelectedReposInfo assignment
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-04 20:09:28 +01:00
Babak K. Shandiz
4aa7e75cd1
Rename const to avoid CodeQL error
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-04 20:06:45 +01:00
Babak K. Shandiz
d8ff343d5c
Add tests to verify numSelectedRepos is populated when necessary
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-04 19:49:34 +01:00
Babak K. Shandiz
e42b8b7e6b
Populate numSelectedRepos only if needed
...
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
2024-04-04 19:48:44 +01:00
Heath Stewart
4ea7bcacb3
Run defers in queue
2024-04-04 01:26:10 -07:00
Heath Stewart
a76af8588c
Resolve PR comments
2024-04-04 01:26:09 -07:00
Heath Stewart
e83e049306
Wrap JSON arrays, objects in array with --slurp
...
Effectively copies `jq --slurp` since `--jq` already uses the same grammar.
2024-04-04 01:26:05 -07:00