STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9163 commits 87 branches 0 tags 160 MiB
Commit graph

15 commits

Author SHA1 Message Date
William Martin
db823c18b8 Allow injection of TUFMetadataDir in tests 
This avoids multiple tests using the same dir for metadata, which was causing flakes
 2025-02-20 17:04:30 +01:00
William Martin
9c90e3aac9 Use subtests in attestation verification integration tests 2025-02-18 16:44:48 +01:00
Meredith Lancaster
eae3b5baec Merge branch 'trunk' into verify-attestation-monotonic-tests 2024-11-06 09:41:33 -07:00
Meredith Lancaster
23374d8c62 undo sigstore verify result handling changes for now 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 12:49:01 -06:00
Meredith Lancaster
56731c9b70 remove unneeded result handling struct 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 12:26:06 -06:00
Meredith Lancaster
26e04932f2 split out individual sigstore verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:59:32 -06:00
Meredith Lancaster
3e90628abb add test for sigstore monotonic verification 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-31 11:23:15 -06:00
Meredith Lancaster
8a8f224a7a fix test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 15:28:00 -06:00
Meredith Lancaster
502856082e table tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 13:40:23 -06:00
Phill MV
aaea0166e2 If provided with zero attestations to verify, the LiveSigstoreVerifier.Verify func should return an error. 2024-10-09 16:51:00 -04:00
Cody Soyland
500b619a5e
Move non-integration test to different test file 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-06 13:55:25 -04:00
Cody Soyland
8446079656
Upgrade to sigstore-go v0.6.1 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-04 16:38:13 -04:00
Cody Soyland
574e131072
Require Sigstore Bundle v0.3 when verifying with gh attestation 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:02:04 -04:00
Zach Steindler
f972050dc9
gh attestation trusted-root subcommand (#9206) 
Adds `trusted-root` subcommand to `gh attestation`.

For use in upcoming docs on how to do offline verification with artifact
attestations.

---------

Signed-off-by: Zach Steindler <steiza@github.com>
Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
 2024-07-01 11:50:39 -04:00
Meredith Lancaster
6f350827d2
Run attestation command set integration tests separately (#9035) 
* rename and add integration build tag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* run tests that include integration build tag in workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-02 08:07:44 -06:00
Renamed from pkg/cmd/attestation/verification/sigstore_test.go (Browse further)