STACKITGit/cli - Git hosting by STACKIT

Author	SHA1	Message	Date
Meredith Lancaster	bfd140c0e5	initial pass at fetching bundles with sas urls Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-06 07:57:18 -07:00
Meredith Lancaster	1652051fc2	Merge pull request #9825 from malancas/verify-provenance-predicate-by-default `gh attestation verify` should only verify provenance attestations by default	2024-10-30 15:45:18 -06:00
Meredith Lancaster	7bfddec046	fix references Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-29 07:09:45 -06:00
Meredith Lancaster	efa6fafc47	Update pkg/cmd/attestation/verification/attestation.go Co-authored-by: Phill MV <phillmv@github.com>	2024-10-29 07:06:23 -06:00
Meredith Lancaster	8a8f224a7a	fix test Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 15:28:00 -06:00
Meredith Lancaster	502856082e	table tests Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 13:40:23 -06:00
Meredith Lancaster	4d57c79770	set provenance predicate type as default for predicate-type flag Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-24 11:40:55 -06:00
Phill MV	28c2308458	While we're at it, let's ensure VerifyCertExtensions can't be tricked the same way.	2024-10-10 11:22:22 -04:00
Phill MV	aaea0166e2	If provided with zero attestations to verify, the LiveSigstoreVerifier.Verify func should return an error.	2024-10-09 16:51:00 -04:00
Brian DeHamer	2e13ec5d80	Merge pull request #9616 from cli/bdehamer/custom-issuer-error Better messaging for `attestation verify` custom issuer mismatch error	2024-09-16 12:52:12 -07:00
Brian DeHamer	8c8423aa3d	better error for att verify custom issuer mismatch Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: Zach Steindler <steiza@github.com> Co-authored-by: Phill MV <phillmv@github.com>	2024-09-16 12:38:12 -07:00
Meredith Lancaster	e381d54511	Merge pull request #9564 from malancas/verification-err-output Update `gh attestation verify` bundle parsing and validation errors	2024-09-13 09:27:07 -06:00
Fredrik Skogman	1b59ec8ad0	This commit introduces tenancy aware attestation policy building. This is done by inspecting the current hostname to determine if tenancy is enabled. The attestation commands also accepts a --hostname parameter, that is used to pick the current host, similar to how the GH_HOST variable can be used. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>	2024-09-11 10:49:17 +02:00
Meredith Lancaster	50d335566d	check specific err Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-10 10:47:06 -06:00
Meredith Lancaster	3814e82f9b	check err in GetLocalAttestations Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-10 10:32:46 -06:00
Meredith Lancaster	f748f9e65f	Merge remote-tracking branch 'upstream/trunk' into verification-err-output	2024-09-10 09:04:57 -06:00
Meredith Lancaster	83519e4e92	check for sigstore-go validation errs Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-10 07:54:45 -06:00
Meredith Lancaster	bbefc5b24f	handle os.PathError in GetLocalAttestations Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-09 08:53:11 -06:00
Meredith Lancaster	945e2b7eee	Merge branch 'trunk' into verification-err-output	2024-09-09 08:23:01 -06:00
Cody Soyland	500b619a5e	Move non-integration test to different test file Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-09-06 13:55:25 -04:00
Meredith Lancaster	668706ccf5	print verify err Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-05 13:29:22 -06:00
Meredith Lancaster	57b20291bd	check for os.PathError Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-05 13:20:13 -06:00
Meredith Lancaster	7c405e8b6e	dont print err content Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-05 08:16:34 -06:00
Cody Soyland	ea1a3da1eb	Rename ProtobufBundle to Bundle Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-09-04 16:45:02 -04:00
Cody Soyland	8446079656	Upgrade to sigstore-go v0.6.1 Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-09-04 16:38:13 -04:00
Meredith Lancaster	1b67b354a9	update bundle file parsing err messages Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-04 13:30:30 -06:00
Meredith Lancaster	34d7ef7a0e	`gh attestation verify` handles empty JSONL files (#9541 ) * handle empty jsonl files Signed-off-by: Meredith Lancaster <malancas@github.com> * check processed attestations slice length Signed-off-by: Meredith Lancaster <malancas@github.com> * update err name and message Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-09-04 10:31:41 -06:00
Aryan Bhosale	9a0a7d427e	verify 2nd artifact without swapping order (#9532 ) * verify 2nd artifact without swapping order possible solution to https://github.com/cli/cli/issues/9521#issuecomment-2310686619? * copy the mentioned test file and adds some extra lines * rm unnecessary import * Update pkg/cmd/attestation/verification/attestation_test.go Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com> * gofmt --------- Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>	2024-09-04 08:57:56 -06:00
Aryan Bhosale	8305a49c3f	"offline" verification using the bundle of attestations without any additional handling of the file (#9523 )	2024-08-26 09:58:29 -06:00
Eugene	e21d053faf	Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle	2024-08-21 12:24:08 -04:00
ejahnGithub	47a8f4bbdd	update error message	2024-08-20 16:14:39 -04:00
Eugene	04e111db03	Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle	2024-08-15 13:31:41 -04:00
Cody Soyland	4618a267de	Update attestation TUF root Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-08-15 13:06:54 -04:00
ejahnGithub	5ae03d6e87	addded more test	2024-08-12 07:10:19 -07:00
Cody Soyland	35b2cf70cf	Change to requiring bundle v0.2 Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-08-09 16:36:16 -04:00
Cody Soyland	574e131072	Require Sigstore Bundle v0.3 when verifying with `gh attestation` Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-08-09 16:02:04 -04:00
ejahnGithub	57aea664e5	added test	2024-08-07 10:10:59 -07:00
ejahnGithub	8d17896080	refactor the logic and logging	2024-08-05 12:25:52 -07:00
ejahnGithub	1eaf712dd1	update test and remove logic to check SourceRepositoryOwnerURI is empty string	2024-07-31 07:29:43 -07:00
ejahnGithub	596ee8bd71	update test	2024-07-30 13:22:49 -07:00
ejahnGithub	580ddf6997	minor fix	2024-07-30 13:14:16 -07:00
ejahnGithub	e21e5ef5c5	update test	2024-07-30 13:09:28 -07:00
ejahnGithub	c1adb1a6cf	added	2024-07-30 12:24:27 -07:00
ejahnGithub	dc4e9cb532	handle attest case insensitivity	2024-07-30 12:11:25 -07:00
Zach Steindler	658f125ab3	Update sigstore-go in gh CLI to v0.5.1 (#9366 ) Signed-off-by: Zach Steindler <steiza@github.com>	2024-07-25 20:59:39 +02:00
Zach Steindler	f972050dc9	gh attestation trusted-root subcommand (#9206 ) Adds `trusted-root` subcommand to `gh attestation`. For use in upcoming docs on how to do offline verification with artifact attestations. --------- Signed-off-by: Zach Steindler <steiza@github.com> Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>	2024-07-01 11:50:39 -04:00
Forrin	c572383bda	Attestation Verification - Buffer Fix (#9198 ) * swap scanner to readline for attestations * replace readLine with readBytes	2024-06-14 13:55:58 -04:00
Viktor Szépe	6d9dd57774	Fix typos	2024-05-09 20:15:27 +00:00
Meredith Lancaster	6f350827d2	Run `attestation` command set integration tests separately (#9035 ) * rename and add integration build tag Signed-off-by: Meredith Lancaster <malancas@github.com> * run tests that include integration build tag in workflow Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-05-02 08:07:44 -06:00
William Martin	6d8709bdd7	Merge pull request #8997 from steiza/steiza/attestation-verify-offline Support offline mode for `gh attestation verify`	2024-04-29 12:22:08 +02:00

1 2

63 commits