STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

11279 commits

This branch
This branch
All branches
Author SHA1 Message Date
Meredith Lancaster
26e04932f2 split out individual sigstore verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:59:32 -06:00
Meredith Lancaster
3e90628abb add test for sigstore monotonic verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:23:15 -06:00
Meredith Lancaster
d29a4a751a update extension verification logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:44:36 -06:00
Meredith Lancaster
97262d8ce7 add test case for monotonic verification success 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:25:45 -06:00
Meredith Lancaster
01f63c5cc3 clean up unneeded struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 10:08:05 -06:00
Kynan Ware
30066b0042
Merge pull request #9844 from its-miroma/dnf5 
Set `dnf5` commands as default
 2024-10-31 09:42:14 -06:00
Meredith Lancaster
9cdeb31fc6 reorganize funcs 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 08:32:35 -06:00
Meredith Lancaster
61b60e9430 fix runner setting 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 08:19:33 -06:00
Meredith Lancaster
bb0dcd9db4 fix wrong field settings 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 17:19:15 -06:00
Meredith Lancaster
318bd90356 update extensions tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:21:15 -06:00
Meredith Lancaster
bf4f04f797 Merge branch 'trunk' into attestation-refactor-policy 2024-10-30 16:14:30 -06:00
Meredith Lancaster
84c823c55f clean up extension verification tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:12:57 -06:00
Meredith Lancaster
8b02c43085 add tests for newEnforcementCriteria 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 16:05:39 -06:00
Meredith Lancaster
1652051fc2
Merge pull request #9825 from malancas/verify-provenance-predicate-by-default 
`gh attestation verify` should only verify provenance attestations by default
 2024-10-30 15:45:18 -06:00
Meredith Lancaster
4fa5f0c5ee update extensions test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:44:53 -06:00
Meredith Lancaster
fa2574c1a8 Merge remote-tracking branch 'upstream/trunk' into attestation-refactor-policy 2024-10-30 15:29:27 -06:00
Meredith Lancaster
93c78a2134 use sigstore specific err 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:28:34 -06:00
Meredith Lancaster
b44c9d3003 undo policy method changes 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 15:23:50 -06:00
Meredith Lancaster
bb5136007e
Merge pull request #9838 from malancas/attestation-clean-up-tests 
Clean up skipped online tests for `gh attestation verify`
 2024-10-30 13:28:44 -06:00
Andy Feller
3b4301f62a
Merge pull request #9845 from cli/andyfeller/9807-repo-edit-visibility-confirmation 
Require visibility confirmation in `gh repo edit`
 2024-10-30 15:20:51 -04:00
Meredith Lancaster
3378b546da simplify if else logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-30 12:58:40 -06:00
Andy Feller
3f5fc85e41 Assert stderr for gh repo edit visibility tests 2024-10-30 13:31:00 -04:00
Meredith Lancaster
41c3ba5fa7 drop sigstore instance for now 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 18:19:19 -06:00
Meredith Lancaster
e16b69bd08 cert extension funcs are now policy methods 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 17:27:47 -06:00
Meredith Lancaster
e5b2b09a6e move policy functions into methods 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 16:41:17 -06:00
Meredith Lancaster
704de0cf37 start building a separate policy struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 15:33:24 -06:00
Phill MV
dbbd83c566 wip, gh at inspect will check the signature on the bundle 2024-10-29 14:17:04 -04:00
Meredith Lancaster
384057c2e2 bold all flags in docs 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 11:54:42 -06:00
Meredith Lancaster
271450883e
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-10-29 11:53:28 -06:00
Andy Feller
15b2db9277 Require visibility confirmation in gh repo edit 
This commit modifies interactive and non-interactive behaviors around `gh repo edit` as well as providing greater information about the impact.

1. `--help` usage is expanded to highlight the most significant consequences of changing visibility
1. `--help` usage and interactive experience call out GitHub Docs content that act as source of truth about full consequences of various changes
1. `gh repo edit` interactive experience will require confirmation for any visibility change
1. `gh repo edit` interactive experience will output potential stars and watchers lose regardless of visibility transition
1. `gh repo edit` will require `--visibility` flag to include new `--accept-visibility-change-consequences` flag regardless of interactivity
 2024-10-29 10:25:04 -04:00
Meredith Lancaster
15d7e33ddb update references 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 07:11:51 -06:00
Meredith Lancaster
7bfddec046 fix references 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 07:09:45 -06:00
Meredith Lancaster
efa6fafc47
Update pkg/cmd/attestation/verification/attestation.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-10-29 07:06:23 -06:00
Miroma
a3f353d2f7
Set dnf5 commands as default 
Fedora 41 is now stable! 🎉

Closes #9840

Co-authored-by: Melamit64 <151834564+melamit@users.noreply.github.com>
 2024-10-29 09:52:03 +01:00
Meredith Lancaster
7598c4a58f organize 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:38:06 -06:00
Meredith Lancaster
f8f3502cac doc updates 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:37:58 -06:00
Meredith Lancaster
8a8f224a7a fix test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:28:00 -06:00
Meredith Lancaster
4ec696dacd create common test fixture, organize tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 13:40:48 -06:00
Meredith Lancaster
502856082e table tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 13:40:23 -06:00
Meredith Lancaster
f8b0f5e687 clean up test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 13:02:12 -06:00
Meredith Lancaster
ce5bde4379 simplify signer workflow validation tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 12:59:04 -06:00
Meredith Lancaster
a820457b09 clean up skipped online tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 11:47:31 -06:00
William Martin
14d339d9ba
Merge pull request #9810 from cli/andyfeller/testscript-extension 
Add comprehensive testscript for gh ext commandset
 2024-10-28 13:05:32 +01:00
Andy Feller
37da12a9d2 Rename similar to other coarse commandset tests 
Based on insights gained from reviewing conventions in #9815 with @jtmcg, I'm renaming this testscript to keep consistent with `gpg-key`, `label`, `ssh-key`, etc.
 2024-10-28 12:54:50 +01:00
Andy Feller
911f070936 Skip extension testscript if bash isn't available 
As this testscript creates a Bash-based script extension, the testscript should be skipped if it isn't on the path and executable.

Ideally, we would refactor this test to isolate that portion of the tests OR switch to a Go-based extension that can be compiled and run everywhere.
 2024-10-28 12:54:50 +01:00
Andy Feller
ed24477fd3 Add comprehensive testscript for gh ext commandset 
Rather than multiple separate testscripts per `gh ext` subcommand, this commit adds a comprehensive test around `gh extension` commandset.
 2024-10-28 12:54:47 +01:00
William Martin
7066cdeb26
Merge pull request #9815 from cli/andyfeller/testscripts-ruleset 
Add comprehensive testscript for `gh ruleset`
 2024-10-28 12:52:24 +01:00
Andy Feller
6dc86e5f40 Rename testscript for consistency 
Similar to `gpg-key`, `label`, `ssh-key`, this coarse grained testscript should be named after the commandset given it isn't a collection of targeted scenarios.
 2024-10-28 12:40:15 +01:00
Andy Feller
c27677bda6 Add comprehensive testscript for gh ruleset 2024-10-28 12:40:12 +01:00
William Martin
f35c123b71
Merge pull request #9816 from cli/jtmcg/testscripts-project 
Add acceptance test for `project` command
 2024-10-28 12:24:53 +01:00