STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7469 commits 87 branches 0 tags 160 MiB
Commit graph

7469 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jason O'Donnell
1f07de7557 Fix doc bug for gh run watch 2024-05-06 12:04:52 -04:00
William Martin
4896546432
Merge pull request #8684 from shayn-orca/bugfix-7642 
Added support for jobs with long filenames
 2024-05-06 11:48:21 +02:00
William Martin
61a698a55a Add support for jobs with long filenames 
Co-authored-by: John Basila <john@orca.security>
Co-authored-by: Shay Nehmad <shay.nehmad@orca.security>
 2024-05-06 11:32:41 +02:00
Meredith Lancaster
6f350827d2
Run attestation command set integration tests separately (#9035) 
* rename and add integration build tag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* run tests that include integration build tag in workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-02 08:07:44 -06:00
William Martin
65cfc684f8
Merge pull request #9034 from cli/dependabot/go_modules/golang.org/x/net-0.23.0 
build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0
 2024-05-01 17:13:11 +02:00
dependabot[bot]
fea08d194c
build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-01 15:04:39 +00:00
Andy Feller
a4353aca5f
Merge pull request #9032 from cli/9021-document-the-relationship-between-hosts-and-active-accounts-2 
Document relationship between host and active account
 2024-05-01 08:52:33 -04:00
William Martin
de394ec77c
Merge pull request #9033 from cli/wm/table-headers-no-mutate-wat 
Do not mutate headers when initialising tableprinter
 2024-05-01 14:19:43 +02:00
William Martin
4ca098b0c9 Adjust short and long to be the same 2024-05-01 14:17:08 +02:00
William Martin
cb357785dd Do not mutate headers when initialising tableprinter 2024-05-01 12:35:24 +02:00
William Martin
5a5b04d132 Document relationship between host and active account 2024-05-01 11:14:00 +02:00
Andy Feller
f2d6a8ec5c
Merge pull request #9030 from cli/wm/doc-clone 
Document repo clone protocol behaviour
 2024-04-30 09:03:11 -04:00
Andy Feller
1902b8be5c
Merge pull request #9023 from cli/andyfeller/go-gh-v2.9.0 
Update cli/go-gh to v2.9.0
 2024-04-30 08:59:10 -04:00
Andy Feller
d1f8c7d12e
Merge pull request #9025 from cli/phillmv/tweak-attestation-helpdocs 
Tweaked gh attestation help strings to generate nicer cli manual site.
 2024-04-30 08:57:21 -04:00
William Martin
825beef723 Document repo clone protocol behaviour 2024-04-30 08:22:49 +02:00
Phill MV
38ee906acc whitespace aligment for inspect/inspect.go 2024-04-29 16:40:30 -04:00
Phill MV
9523a99325 whitespace alignment in attestation/attestation.go 2024-04-29 16:38:35 -04:00
Phill MV
ce61fd8a06 Added tweaked note to tuf-root-verify 2024-04-29 16:31:28 -04:00
Phill MV
5619251faa Tweaked gh attestation help strings to generate nicer cli manual site. 2024-04-29 16:24:54 -04:00
Andy Feller
f5430ced2d
Merge pull request #9022 from cli/andyfeller/attestation-beta-usage 
Add beta designation on attestation command set
 2024-04-29 14:57:56 -04:00
Andy Feller
d51ae5ced9 Update attestation's beta designation 2024-04-29 14:45:20 -04:00
Andy Feller
2ef8232b9c Update cli/go-gh to v2.9.0 
This change updates the GitHub CLI extension library with fixes for calculating display width and exporting tenancy and enterprising logic.
 2024-04-29 14:14:59 -04:00
Andy Feller
57ca29b4b8
Merge pull request #9019 from cli/wm/attestation-host-checks 
Be more general with attestation host checks
 2024-04-29 13:44:21 -04:00
Andy Feller
0740c00f0a Add beta designation on attestation command set 
With the `gh attestation` command set going into public beta, users should be reminded the feature is in beta and subject to change.

Both the short and long help usage are updated for individual command `--help` as well as `gh reference`.
 2024-04-29 12:46:01 -04:00
Andy Feller
68dfd87f47
Merge pull request #9000 from cli/andyfeller/flag-level-disableauth 
proof of concept for flag-level disable auth check
 2024-04-29 12:15:49 -04:00
Andy Feller
cc36d32a21 Test gh at verify -b does not require auth 
Thanks to @williammartin, this completes the PR by ensuring the actual feature this new logic was added for actually works as expected :D
 2024-04-29 12:02:41 -04:00
William Martin
ef51cad663 Use ghinstance package for attestation host checks 2024-04-29 17:08:22 +02:00
Andy Feller
8e3afe55df Test cmdutil.IsAuthCheckEnabled cases 
This commit adds various test cases around whether a command will require authentication based on Cobra annotation metadata.
 2024-04-29 10:02:01 -04:00
Babak K. Shandiz
7c4e45cc9d
Fix issue with closing pager stream (#9020) 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-29 15:48:08 +02:00
Babak K. Shandiz
7d432bcd3a
Support long URLs in gh repo clone (#9008) 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-29 14:42:18 +02:00
Meredith Lancaster
1a35ce38ad check for enterprise host 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-04-29 14:06:22 +02:00
Andy Feller
f9f4c99010
Merge pull request #9007 from babakks/8960-add-projectsV2-field 
Add `projectsV2` to JSON fields of `gh repo` commands
 2024-04-29 07:52:51 -04:00
Andy Feller
d611ed4bf0 Add missing title field for projectv2 2024-04-29 07:42:53 -04:00
William Martin
6d8709bdd7
Merge pull request #8997 from steiza/steiza/attestation-verify-offline 
Support offline mode for `gh attestation verify`
 2024-04-29 12:22:08 +02:00
Babak K. Shandiz
985dee0e05
Match query fields with ProjectV2 type 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-04-26 22:59:01 +01:00
Babak K. Shandiz
b294f6b3e1
Include URL in ProjectV2 type 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-26 21:06:33 +01:00
Babak K. Shandiz
9e1f9d6101
Include projectsV2 in GraphQL query 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-26 21:06:29 +01:00
William Martin
fc2aec380d
Merge pull request #8996 from cli/wm/improve-verify-error-messages 
Improve errors when loading bundle locally fails
 2024-04-26 17:48:37 +02:00
William Martin
cf2060ce9a Remove unnecessary defensive check 2024-04-26 17:20:26 +02:00
William Martin
439c95c55e Test verification failures when attestations are bad 2024-04-26 17:20:04 +02:00
William Martin
a0c06e170e Rework sigstore tests for easier maintenance 2024-04-26 16:56:13 +02:00
William Martin
054b306d09 Make error more obvious when bundle has wrong extension 2024-04-26 16:23:56 +02:00
Nero Blackstone​
93113e12ea
Add colon at the end of secret prompts (#9004) 2024-04-26 12:58:45 +02:00
Zach Steindler
1aefeec71b Use cmdutil.ExactArgs instead of MinimumArgs; also add tests 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-04-25 15:41:49 -04:00
Andy Feller
2d910406c6 proof of concept for flag-level disable auth check 
Building upon the existing command-level disable auth check logic, this commit adds flag-level disable auth check logic
for any flag set with `-b,--bundle` flag of `gh attestation verify` being the first use case.

Subsequent commit to build out testing is needed as IsAuthCheckEnabled does not have tests.
 2024-04-25 09:28:49 -04:00
Meredith Lancaster
28c4d3075b
remove hidden flag from attestation command (#8998) 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-04-25 07:27:00 -06:00
William Martin
156a697407
Merge pull request #8989 from cli/dependabot/go_modules/google.golang.org/grpc-1.62.2 
build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2
 2024-04-25 15:02:07 +02:00
Meredith Lancaster
63640b16a7
Update gh attestation verify output (#8991) 
* start updating default verify cmd output

Signed-off-by: Meredith Lancaster <malancas@github.com>

* start adding support for printing a table of attestation details

Signed-off-by: Meredith Lancaster <malancas@github.com>

* extract attestation details from verification result

Signed-off-by: Meredith Lancaster <malancas@github.com>

* condense logging

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update logging from feedback

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update error logging

Signed-off-by: Meredith Lancaster <malancas@github.com>

* cleanup more error logging

Signed-off-by: Meredith Lancaster <malancas@github.com>

* include test data for printing to table in the mock sigstore verifier response

Signed-off-by: Meredith Lancaster <malancas@github.com>

* fix linter err

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Update pkg/cmd/attestation/verification/mock_verifier.go

Co-authored-by: Phill MV <phillmv@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Phill MV <phillmv@github.com>
 2024-04-24 14:03:35 -06:00
Zach Steindler
caf0546a11 Just base verification policy on trusted root, not bundle 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-04-24 11:02:53 -04:00
Zach Steindler
d9f7b922d0 Support offline mode for gh attestation verify 
The main change is previously we always instantiated a TUF client for
the public good and GitHub Sigstore instances. Now we only instantiate
the TUF client we need, or no client if we are provided a
custom trusted root.

Note that `gh attestation verify` still requires authentication, that is
being addressed in https://github.com/cli/cli/pull/8995.

Some other changes are coming along for the ride:
- Set TUF cache validity to 1 day, to help serial verification
- Attempt to infer verification policy based on custom trusted root
- Make command output more friendly if you leave off required arguments

Signed-off-by: Zach Steindler <steiza@github.com>
 2024-04-24 10:24:23 -04:00