Commit graph

152 commits

Author SHA1 Message Date
Meredith Lancaster
bf4f04f797 Merge branch 'trunk' into attestation-refactor-policy 2024-10-30 16:14:30 -06:00
Meredith Lancaster
84c823c55f clean up extension verification tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 16:12:57 -06:00
Meredith Lancaster
8b02c43085 add tests for newEnforcementCriteria
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 16:05:39 -06:00
Meredith Lancaster
1652051fc2
Merge pull request #9825 from malancas/verify-provenance-predicate-by-default
`gh attestation verify` should only verify provenance attestations by default
2024-10-30 15:45:18 -06:00
Meredith Lancaster
4fa5f0c5ee update extensions test
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 15:44:53 -06:00
Meredith Lancaster
fa2574c1a8 Merge remote-tracking branch 'upstream/trunk' into attestation-refactor-policy 2024-10-30 15:29:27 -06:00
Meredith Lancaster
93c78a2134 use sigstore specific err
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 15:28:34 -06:00
Meredith Lancaster
b44c9d3003 undo policy method changes
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 15:23:50 -06:00
Meredith Lancaster
3378b546da simplify if else logic
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-30 12:58:40 -06:00
Meredith Lancaster
41c3ba5fa7 drop sigstore instance for now
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 18:19:19 -06:00
Meredith Lancaster
e16b69bd08 cert extension funcs are now policy methods
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 17:27:47 -06:00
Meredith Lancaster
e5b2b09a6e move policy functions into methods
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 16:41:17 -06:00
Meredith Lancaster
704de0cf37 start building a separate policy struct
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 15:33:24 -06:00
Meredith Lancaster
384057c2e2 bold all flags in docs
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 11:54:42 -06:00
Meredith Lancaster
271450883e
Update pkg/cmd/attestation/verify/verify.go
Co-authored-by: Phill MV <phillmv@github.com>
2024-10-29 11:53:28 -06:00
Meredith Lancaster
15d7e33ddb update references
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 07:11:51 -06:00
Meredith Lancaster
7bfddec046 fix references
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-29 07:09:45 -06:00
Meredith Lancaster
efa6fafc47
Update pkg/cmd/attestation/verification/attestation.go
Co-authored-by: Phill MV <phillmv@github.com>
2024-10-29 07:06:23 -06:00
Meredith Lancaster
7598c4a58f organize
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 15:38:06 -06:00
Meredith Lancaster
f8f3502cac doc updates
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 15:37:58 -06:00
Meredith Lancaster
8a8f224a7a fix test
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 15:28:00 -06:00
Meredith Lancaster
4ec696dacd create common test fixture, organize tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 13:40:48 -06:00
Meredith Lancaster
502856082e table tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 13:40:23 -06:00
Meredith Lancaster
f8b0f5e687 clean up test
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 13:02:12 -06:00
Meredith Lancaster
ce5bde4379 simplify signer workflow validation tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 12:59:04 -06:00
Meredith Lancaster
a820457b09 clean up skipped online tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-28 11:47:31 -06:00
Meredith Lancaster
9ddaf13ef5 add predicate type to integration tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-25 15:32:16 -06:00
Meredith Lancaster
cef335c698 update tests to include predicate type
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-25 15:26:32 -06:00
Meredith Lancaster
28fa42a324 message formatting
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-25 15:00:11 -06:00
Meredith Lancaster
fa6536493f predicate-type is no longer empty
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-25 14:54:52 -06:00
Meredith Lancaster
e8013c0778 update documentation to include predicate-type information
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-25 14:04:54 -06:00
Meredith Lancaster
4d57c79770 set provenance predicate type as default for predicate-type flag
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-10-24 11:40:55 -06:00
Phill MV
afa4272bdf
Merge pull request #9797 from cli/phillmv/retry-getting-attestations
`gh at verify` retries fetching attestations if it receives a 5xx
2024-10-23 13:45:09 -04:00
bagtoad
04add8d68f Use new GitHub previews terminology in attestation
Update attestations commands to align with new GitHub previews terminology, replacing `beta` with `public preview`.

https://github.blog/changelog/2024-10-18-new-terminology-for-github-previews/
2024-10-22 10:50:00 -06:00
Phill MV
de4c05fb61 Linting: now that mockDataGenerator has an embedded mock, we ought to have pointer receivers in its funcs. 2024-10-21 14:32:32 -04:00
Phill MV
a8b3f050ac
Merge branch 'trunk' into phillmv/fail-verification-if-no-attestations 2024-10-21 12:49:41 -04:00
Phill MV
e7446676b6 Minor tweaks, added backoff to getTrustDomain 2024-10-21 12:44:51 -04:00
Phill MV
fafda48905 added test for verifying we do 3 retries when fetching attestations. 2024-10-21 12:32:57 -04:00
Phill MV
efc1c97cf1 Added constant backoff retry to getAttestations. 2024-10-21 12:10:18 -04:00
Phill MV
664e09fdbc wip: added test that fails in the absence of a backoff. 2024-10-21 11:20:46 -04:00
Tyler McGoffin
8109594c4c auth: Removed redundant ghauth.IsTenancy(host) check 2024-10-15 11:56:43 -07:00
Tyler McGoffin
81591a09b8 Use go-gh/auth package for IsEnterprise, IsTenancy, and NormalizeHostname 2024-10-15 11:56:43 -07:00
Phill MV
28c2308458 While we're at it, let's ensure VerifyCertExtensions can't be tricked the same way. 2024-10-10 11:22:22 -04:00
Phill MV
aaea0166e2 If provided with zero attestations to verify, the LiveSigstoreVerifier.Verify func should return an error. 2024-10-09 16:51:00 -04:00
Brian DeHamer
5f60b3ca3e
Merge branch 'trunk' into bdehamer/att-trusted-root-tenant-aware 2024-09-20 09:22:40 -07:00
Brian DeHamer
8123de9722
fix tenant-awareness for trusted-root command
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-09-18 14:05:04 -07:00
bagtoad
d8e77d256f Use new HasActiveToken method in trustedroot.go 2024-09-18 10:35:11 -06:00
Brian DeHamer
3bcedfe7f0
Update pkg/cmd/attestation/trustedroot/trustedroot_test.go
Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
2024-09-17 14:18:00 -07:00
Brian DeHamer
cbe8525321
enforce auth for tenancy
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-09-16 13:52:57 -07:00
Brian DeHamer
8e8fc696f1
disable auth check for att trusted-root cmd
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-09-16 12:55:18 -07:00