STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8596 commits 87 branches 0 tags 160 MiB
Commit graph

16 commits

Author SHA1 Message Date
Meredith Lancaster
90f5dae82b Merge branch 'trunk' into consolidate-verify-policy-options-config 2024-12-13 15:23:01 -07:00
Meredith Lancaster
67798b06c0 use github owned oci image 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-06 08:32:16 -07:00
Meredith Lancaster
2b7c6f6a16 add integration test for bundle-from-oci option 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-05 09:58:27 -07:00
Meredith Lancaster
b4dfc9fc72 update tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-12-04 14:59:10 -07:00
Meredith Lancaster
1652051fc2
Merge pull request #9825 from malancas/verify-provenance-predicate-by-default 
`gh attestation verify` should only verify provenance attestations by default
 2024-10-30 15:45:18 -06:00
Meredith Lancaster
15d7e33ddb update references 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-29 07:11:51 -06:00
Meredith Lancaster
a820457b09 clean up skipped online tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-28 11:47:31 -06:00
Meredith Lancaster
9ddaf13ef5 add predicate type to integration tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-10-25 15:32:16 -06:00
Brian DeHamer
8c8423aa3d
better error for att verify custom issuer mismatch 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: Zach Steindler <steiza@github.com>
Co-authored-by: Phill MV <phillmv@github.com>
 2024-09-16 12:38:12 -07:00
Brian DeHamer
f128ae8349
add att verify test for custom OIDC issuer 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
 2024-09-11 12:49:06 -07:00
Fredrik Skogman
1b59ec8ad0
This commit introduces tenancy aware attestation policy building. 
This is done by inspecting the current hostname to determine if
tenancy is enabled.

The attestation commands also accepts a --hostname parameter, that
is used to pick the current host, similar to how the GH_HOST variable
can be used.

Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
 2024-09-11 10:49:17 +02:00
ejahnGithub
596ee8bd71 update test 2024-07-30 13:22:49 -07:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Meredith Lancaster
cd5562f5ac
Add signer-repo and signer-workflow flags to gh attestation verify (#9137) 
* add signer-repo and signer-workflow flags

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add check for SignerRepo option

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add helper function and comment for clarity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update flag comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* reference correct field

Signed-off-by: Meredith Lancaster <malancas@github.com>

* move function to more relevant file

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* Update pkg/cmd/attestation/verify/verify.go

Co-authored-by: Zach Steindler <steiza@github.com>

* make all reusable workflow flags mutually exclusive

Signed-off-by: Meredith Lancaster <malancas@github.com>

* accept signer workflow without host

Signed-off-by: Meredith Lancaster <malancas@github.com>

* support client optionally providing host with signer workflow flag

Signed-off-by: Meredith Lancaster <malancas@github.com>

* comment

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add tests for parsing signer workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Zach Steindler <steiza@github.com>
 2024-05-30 07:40:55 -06:00
Meredith Lancaster
8d0518645f
Add integration tests for gh attestation verify shared workflow use case (#9107) 
* add initial shared workflow use case tests and test data

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more shared workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* cleanup tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* pr feedback, replace shared with reusable

Signed-off-by: Meredith Lancaster <malancas@github.com>

* use demo repository with reusable workflow tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-05-28 07:13:34 -06:00
Meredith Lancaster
c9e8fd6c64
Fix attestation verify source repository check bug (#9053) 
* add build source repo URI extension when repo is provided, add integration tests for this change

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add initial docs on specifying cert identity

Signed-off-by: Meredith Lancaster <malancas@github.com>

* wording

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add reusable workflow example

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add more test cases

Signed-off-by: Meredith Lancaster <malancas@github.com>

* tweak to verify docs

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
Co-authored-by: Phill MV <phillmv@github.com>
 2024-05-08 07:44:52 -06:00