STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7787 commits 87 branches 0 tags 160 MiB
Commit graph

70 commits

Author SHA1 Message Date
Eugene
04e111db03
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-15 13:31:41 -04:00
ejahnGithub
05891965d0 udpate the options 2024-08-15 11:56:28 -04:00
ejahnGithub
5ae03d6e87 addded more test 2024-08-12 07:10:19 -07:00
Cody Soyland
35b2cf70cf
Change to requiring bundle v0.2 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:36:16 -04:00
Cody Soyland
b783441540
Fix tests 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:14:04 -04:00
Cody Soyland
574e131072
Require Sigstore Bundle v0.3 when verifying with gh attestation 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:02:04 -04:00
Eugene
cc0fe091c4
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-07 10:21:34 -07:00
ejahnGithub
832a43072c minor fixed 2024-08-07 10:19:47 -07:00
ejahnGithub
d1cd69c81c minor fixed 2024-08-07 10:16:30 -07:00
ejahnGithub
57aea664e5 added test 2024-08-07 10:10:59 -07:00
ejahnGithub
bad127c342 clean naming 2024-08-05 12:56:35 -07:00
ejahnGithub
8ae4f1cfb9 add contain check 2024-08-05 12:53:43 -07:00
ejahnGithub
8d17896080 refactor the logic and logging 2024-08-05 12:25:52 -07:00
ejahnGithub
20d3931427 tmp 2024-08-05 09:11:25 -07:00
Yukai Chou
d7b8ecf33d Unify use of tab indent in non-test source files 
Found with
    rg '(^ | \t|\t )' -g '*.go' -g '!*_test.go'

Mixed indent exceptions:
- wrapped long list items with extra 2-space indent
- code snippets using space indent
- commented code lines having "\t*// \t+" prefix
 2024-08-03 00:35:30 +08:00
ejahnGithub
1eaf712dd1 update test and remove logic to check SourceRepositoryOwnerURI is empty string 2024-07-31 07:29:43 -07:00
ejahnGithub
596ee8bd71 update test 2024-07-30 13:22:49 -07:00
ejahnGithub
580ddf6997 minor fix 2024-07-30 13:14:16 -07:00
ejahnGithub
e21e5ef5c5 update test 2024-07-30 13:09:28 -07:00
ejahnGithub
c1adb1a6cf added 2024-07-30 12:24:27 -07:00
ejahnGithub
dc4e9cb532 handle attest case insensitivity 2024-07-30 12:11:25 -07:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Zach Steindler
a81a1f7e90
Remove attestation test that requires being online (#9340) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-19 09:24:47 -04:00
Zach Steindler
f972050dc9
gh attestation trusted-root subcommand (#9206) 
Adds `trusted-root` subcommand to `gh attestation`.

For use in upcoming docs on how to do offline verification with artifact
attestations.

---------

Signed-off-by: Zach Steindler <steiza@github.com>
Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
 2024-07-01 11:50:39 -04:00
Phill MV
c9f9fac7dc
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:33:10 -04:00
Phill MV
c25dacc33e
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:32:51 -04:00
Phill MV
06607d3e95 s/originated/caller/ workflow 2024-06-24 10:05:58 -04:00
William Martin
d7c56bfb13 Remove beta note from attestation top level command 2024-06-24 15:46:00 +02:00
William Martin
846b6ec20b Fix whitespacing 2024-06-24 15:41:22 +02:00
Phill MV
8318e7a1de
Actually, let's keep download in beta for now. 2024-06-24 09:32:32 -04:00
Phill MV
40abc9a785 Removed beta note from gh at download. 2024-06-23 21:54:01 -04:00
Phill MV
152607e0e8 Removed beta note from gh at verify, clarified reusable workflows use case. 2024-06-23 21:53:09 -04:00
Forrin
c572383bda
Attestation Verification - Buffer Fix (#9198) 
* swap scanner to readline for attestations
* replace readLine with readBytes
 2024-06-14 13:55:58 -04:00
Phill MV
e8a13cfed3 replaced deprecated --json-result flag with --format=json in the gh at docstring. 2024-06-04 15:52:54 -04:00
Meredith Lancaster
cd5562f5ac
Add signer-repo and signer-workflow flags to gh attestation verify (#9137) 
* add signer-repo and signer-workflow flags

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add check for SignerRepo option

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add helper function and comment for clarity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update flag comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* reference correct field

Signed-off-by: Meredith Lancaster <malancas@github.com>

* move function to more relevant file

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* make all reusable workflow flags mutually exclusive

Signed-off-by: Meredith Lancaster <malancas@github.com>

* accept signer workflow without host

Signed-off-by: Meredith Lancaster <malancas@github.com>

* support client optionally providing host with signer workflow flag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add tests for parsing signer workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Zach Steindler <steiza@github.com>
 2024-05-30 07:40:55 -06:00
Meredith Lancaster
8d0518645f
Add integration tests for gh attestation verify shared workflow use case (#9107) 
* add initial shared workflow use case tests and test data

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more shared workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* cleanup tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* pr feedback, replace shared with reusable

Signed-off-by: Meredith Lancaster <malancas@github.com>

* use demo repository with reusable workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-28 07:13:34 -06:00
Viktor Szépe
6d9dd57774 Fix typos 2024-05-09 20:15:27 +00:00
Meredith Lancaster
c9e8fd6c64
Fix attestation verify source repository check bug (#9053) 
* add build source repo URI extension when repo is provided, add integration tests for this change

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add initial docs on specifying cert identity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* wording

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add reusable workflow example

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more test cases

Signed-off-by: Meredith Lancaster <malancas@github.com>

* tweak to verify docs

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Phill MV <phillmv@github.com>
 2024-05-08 07:44:52 -06:00
Meredith Lancaster
6f350827d2
Run attestation command set integration tests separately (#9035) 
* rename and add integration build tag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* run tests that include integration build tag in workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-02 08:07:44 -06:00
Phill MV
38ee906acc whitespace aligment for inspect/inspect.go 2024-04-29 16:40:30 -04:00
Phill MV
9523a99325 whitespace alignment in attestation/attestation.go 2024-04-29 16:38:35 -04:00
Phill MV
ce61fd8a06 Added tweaked note to tuf-root-verify 2024-04-29 16:31:28 -04:00
Phill MV
5619251faa Tweaked gh attestation help strings to generate nicer cli manual site. 2024-04-29 16:24:54 -04:00
Andy Feller
f5430ced2d
Merge pull request #9022 from cli/andyfeller/attestation-beta-usage 
Add beta designation on attestation command set
 2024-04-29 14:57:56 -04:00
Andy Feller
d51ae5ced9 Update attestation's beta designation 2024-04-29 14:45:20 -04:00
Andy Feller
57ca29b4b8
Merge pull request #9019 from cli/wm/attestation-host-checks 
Be more general with attestation host checks
 2024-04-29 13:44:21 -04:00
Andy Feller
0740c00f0a Add beta designation on attestation command set 
With the `gh attestation` command set going into public beta, users should be reminded the feature is in beta and subject to change.

Both the short and long help usage are updated for individual command `--help` as well as `gh reference`.
 2024-04-29 12:46:01 -04:00
Andy Feller
68dfd87f47
Merge pull request #9000 from cli/andyfeller/flag-level-disableauth 
proof of concept for flag-level disable auth check
 2024-04-29 12:15:49 -04:00
Andy Feller
cc36d32a21 Test gh at verify -b does not require auth 
Thanks to @williammartin, this completes the PR by ensuring the actual feature this new logic was added for actually works as expected :D
 2024-04-29 12:02:41 -04:00
William Martin
ef51cad663 Use ghinstance package for attestation host checks 2024-04-29 17:08:22 +02:00