STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7827 commits 87 branches 0 tags 160 MiB
Commit graph

76 commits

Author SHA1 Message Date
Aryan Bhosale
8305a49c3f
"offline" verification using the bundle of attestations without any additional handling of the file (#9523) 2024-08-26 09:58:29 -06:00
Eugene
e21d053faf
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-21 12:24:08 -04:00
ejahnGithub
0d38a2fd8e fixed the test 2024-08-21 10:52:42 -04:00
ejahnGithub
47a8f4bbdd update error message 2024-08-20 16:14:39 -04:00
ejahnGithub
3fd309bdde rename flag to bundle-from-oci 2024-08-19 10:29:01 -04:00
Eugene
04e111db03
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-15 13:31:41 -04:00
Cody Soyland
4618a267de
Update attestation TUF root 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-15 13:06:54 -04:00
ejahnGithub
05891965d0 udpate the options 2024-08-15 11:56:28 -04:00
ejahnGithub
5ae03d6e87 addded more test 2024-08-12 07:10:19 -07:00
Cody Soyland
35b2cf70cf
Change to requiring bundle v0.2 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:36:16 -04:00
Cody Soyland
b783441540
Fix tests 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:14:04 -04:00
Cody Soyland
574e131072
Require Sigstore Bundle v0.3 when verifying with gh attestation 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:02:04 -04:00
Eugene
cc0fe091c4
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-07 10:21:34 -07:00
ejahnGithub
832a43072c minor fixed 2024-08-07 10:19:47 -07:00
ejahnGithub
d1cd69c81c minor fixed 2024-08-07 10:16:30 -07:00
ejahnGithub
57aea664e5 added test 2024-08-07 10:10:59 -07:00
ejahnGithub
bad127c342 clean naming 2024-08-05 12:56:35 -07:00
ejahnGithub
8ae4f1cfb9 add contain check 2024-08-05 12:53:43 -07:00
ejahnGithub
8d17896080 refactor the logic and logging 2024-08-05 12:25:52 -07:00
ejahnGithub
20d3931427 tmp 2024-08-05 09:11:25 -07:00
Yukai Chou
d7b8ecf33d Unify use of tab indent in non-test source files 
Found with
    rg '(^ | \t|\t )' -g '*.go' -g '!*_test.go'

Mixed indent exceptions:
- wrapped long list items with extra 2-space indent
- code snippets using space indent
- commented code lines having "\t*// \t+" prefix
 2024-08-03 00:35:30 +08:00
ejahnGithub
1eaf712dd1 update test and remove logic to check SourceRepositoryOwnerURI is empty string 2024-07-31 07:29:43 -07:00
ejahnGithub
596ee8bd71 update test 2024-07-30 13:22:49 -07:00
ejahnGithub
580ddf6997 minor fix 2024-07-30 13:14:16 -07:00
ejahnGithub
e21e5ef5c5 update test 2024-07-30 13:09:28 -07:00
ejahnGithub
c1adb1a6cf added 2024-07-30 12:24:27 -07:00
ejahnGithub
dc4e9cb532 handle attest case insensitivity 2024-07-30 12:11:25 -07:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Zach Steindler
a81a1f7e90
Remove attestation test that requires being online (#9340) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-19 09:24:47 -04:00
Zach Steindler
f972050dc9
gh attestation trusted-root subcommand (#9206) 
Adds `trusted-root` subcommand to `gh attestation`.

For use in upcoming docs on how to do offline verification with artifact
attestations.

---------

Signed-off-by: Zach Steindler <steiza@github.com>
Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
 2024-07-01 11:50:39 -04:00
Phill MV
c9f9fac7dc
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:33:10 -04:00
Phill MV
c25dacc33e
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:32:51 -04:00
Phill MV
06607d3e95 s/originated/caller/ workflow 2024-06-24 10:05:58 -04:00
William Martin
d7c56bfb13 Remove beta note from attestation top level command 2024-06-24 15:46:00 +02:00
William Martin
846b6ec20b Fix whitespacing 2024-06-24 15:41:22 +02:00
Phill MV
8318e7a1de
Actually, let's keep download in beta for now. 2024-06-24 09:32:32 -04:00
Phill MV
40abc9a785 Removed beta note from gh at download. 2024-06-23 21:54:01 -04:00
Phill MV
152607e0e8 Removed beta note from gh at verify, clarified reusable workflows use case. 2024-06-23 21:53:09 -04:00
Forrin
c572383bda
Attestation Verification - Buffer Fix (#9198) 
* swap scanner to readline for attestations
* replace readLine with readBytes
 2024-06-14 13:55:58 -04:00
Phill MV
e8a13cfed3 replaced deprecated --json-result flag with --format=json in the gh at docstring. 2024-06-04 15:52:54 -04:00
Meredith Lancaster
cd5562f5ac
Add signer-repo and signer-workflow flags to gh attestation verify (#9137) 
* add signer-repo and signer-workflow flags

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add check for SignerRepo option

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add helper function and comment for clarity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update flag comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* reference correct field

Signed-off-by: Meredith Lancaster <malancas@github.com>

* move function to more relevant file

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* make all reusable workflow flags mutually exclusive

Signed-off-by: Meredith Lancaster <malancas@github.com>

* accept signer workflow without host

Signed-off-by: Meredith Lancaster <malancas@github.com>

* support client optionally providing host with signer workflow flag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add tests for parsing signer workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Zach Steindler <steiza@github.com>
 2024-05-30 07:40:55 -06:00
Meredith Lancaster
8d0518645f
Add integration tests for gh attestation verify shared workflow use case (#9107) 
* add initial shared workflow use case tests and test data

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more shared workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* cleanup tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* pr feedback, replace shared with reusable

Signed-off-by: Meredith Lancaster <malancas@github.com>

* use demo repository with reusable workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-28 07:13:34 -06:00
Viktor Szépe
6d9dd57774 Fix typos 2024-05-09 20:15:27 +00:00
Meredith Lancaster
c9e8fd6c64
Fix attestation verify source repository check bug (#9053) 
* add build source repo URI extension when repo is provided, add integration tests for this change

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add initial docs on specifying cert identity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* wording

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add reusable workflow example

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more test cases

Signed-off-by: Meredith Lancaster <malancas@github.com>

* tweak to verify docs

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Phill MV <phillmv@github.com>
 2024-05-08 07:44:52 -06:00
Meredith Lancaster
6f350827d2
Run attestation command set integration tests separately (#9035) 
* rename and add integration build tag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* run tests that include integration build tag in workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-02 08:07:44 -06:00
Phill MV
38ee906acc whitespace aligment for inspect/inspect.go 2024-04-29 16:40:30 -04:00
Phill MV
9523a99325 whitespace alignment in attestation/attestation.go 2024-04-29 16:38:35 -04:00
Phill MV
ce61fd8a06 Added tweaked note to tuf-root-verify 2024-04-29 16:31:28 -04:00
Phill MV
5619251faa Tweaked gh attestation help strings to generate nicer cli manual site. 2024-04-29 16:24:54 -04:00
Andy Feller
f5430ced2d
Merge pull request #9022 from cli/andyfeller/attestation-beta-usage 
Add beta designation on attestation command set
 2024-04-29 14:57:56 -04:00