STACKITGit/cli - Git hosting by STACKIT

Author	SHA1	Message	Date
Meredith Lancaster	1652051fc2	Merge pull request #9825 from malancas/verify-provenance-predicate-by-default `gh attestation verify` should only verify provenance attestations by default	2024-10-30 15:45:18 -06:00
Meredith Lancaster	384057c2e2	bold all flags in docs Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-29 11:54:42 -06:00
Meredith Lancaster	271450883e	Update pkg/cmd/attestation/verify/verify.go Co-authored-by: Phill MV <phillmv@github.com>	2024-10-29 11:53:28 -06:00
Meredith Lancaster	15d7e33ddb	update references Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-29 07:11:51 -06:00
Meredith Lancaster	7bfddec046	fix references Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-29 07:09:45 -06:00
Meredith Lancaster	7598c4a58f	organize Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 15:38:06 -06:00
Meredith Lancaster	f8f3502cac	doc updates Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 15:37:58 -06:00
Meredith Lancaster	4ec696dacd	create common test fixture, organize tests Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 13:40:48 -06:00
Meredith Lancaster	f8b0f5e687	clean up test Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 13:02:12 -06:00
Meredith Lancaster	ce5bde4379	simplify signer workflow validation tests Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 12:59:04 -06:00
Meredith Lancaster	a820457b09	clean up skipped online tests Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-28 11:47:31 -06:00
Meredith Lancaster	9ddaf13ef5	add predicate type to integration tests Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-25 15:32:16 -06:00
Meredith Lancaster	cef335c698	update tests to include predicate type Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-25 15:26:32 -06:00
Meredith Lancaster	28fa42a324	message formatting Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-25 15:00:11 -06:00
Meredith Lancaster	fa6536493f	predicate-type is no longer empty Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-25 14:54:52 -06:00
Meredith Lancaster	e8013c0778	update documentation to indclude predicate-type information Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-25 14:04:54 -06:00
Meredith Lancaster	4d57c79770	set provenance predicate type as default for predicate-type flag Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-24 11:40:55 -06:00
Tyler McGoffin	81591a09b8	Use go-gh/auth package for IsEnterprise, IsTenancy, and NormalizeHostname	2024-10-15 11:56:43 -07:00
Brian DeHamer	2e13ec5d80	Merge pull request #9616 from cli/bdehamer/custom-issuer-error Better messaging for `attestation verify` custom issuer mismatch error	2024-09-16 12:52:12 -07:00
Brian DeHamer	8c8423aa3d	better error for att verify custom issuer mismatch Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: Zach Steindler <steiza@github.com> Co-authored-by: Phill MV <phillmv@github.com>	2024-09-16 12:38:12 -07:00
William Martin	352737cb60	Use api subdomains for commands using ghinstance package	2024-09-13 15:03:36 +02:00
Brian DeHamer	f128ae8349	add att verify test for custom OIDC issuer Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-09-11 12:49:06 -07:00
Fredrik Skogman	1b59ec8ad0	This commit introduces tenancy aware attestation policy building. This is done by inspecting the current hostname to determine if tenancy is enabled. The attestation commands also accepts a --hostname parameter, that is used to pick the current host, similar to how the GH_HOST variable can be used. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>	2024-09-11 10:49:17 +02:00
Cody Soyland	b14e430441	Check for nil values to prevent nil dereference panic Signed-off-by: Cody Soyland <codysoyland@github.com>	2024-09-06 15:22:43 -04:00
ejahnGithub	0d38a2fd8e	fixed the test	2024-08-21 10:52:42 -04:00
ejahnGithub	3fd309bdde	rename flag to bundle-from-oci	2024-08-19 10:29:01 -04:00
ejahnGithub	05891965d0	udpate the options	2024-08-15 11:56:28 -04:00
ejahnGithub	5ae03d6e87	addded more test	2024-08-12 07:10:19 -07:00
ejahnGithub	57aea664e5	added test	2024-08-07 10:10:59 -07:00
ejahnGithub	8d17896080	refactor the logic and logging	2024-08-05 12:25:52 -07:00
ejahnGithub	20d3931427	tmp	2024-08-05 09:11:25 -07:00
ejahnGithub	1eaf712dd1	update test and remove logic to check SourceRepositoryOwnerURI is empty string	2024-07-31 07:29:43 -07:00
ejahnGithub	596ee8bd71	update test	2024-07-30 13:22:49 -07:00
ejahnGithub	580ddf6997	minor fix	2024-07-30 13:14:16 -07:00
ejahnGithub	e21e5ef5c5	update test	2024-07-30 13:09:28 -07:00
ejahnGithub	dc4e9cb532	handle attest case insensitivity	2024-07-30 12:11:25 -07:00
Zach Steindler	658f125ab3	Update sigstore-go in gh CLI to v0.5.1 (#9366 ) Signed-off-by: Zach Steindler <steiza@github.com>	2024-07-25 20:59:39 +02:00
Zach Steindler	f972050dc9	gh attestation trusted-root subcommand (#9206 ) Adds `trusted-root` subcommand to `gh attestation`. For use in upcoming docs on how to do offline verification with artifact attestations. --------- Signed-off-by: Zach Steindler <steiza@github.com> Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>	2024-07-01 11:50:39 -04:00
Phill MV	c9f9fac7dc	Update pkg/cmd/attestation/verify/verify.go Co-authored-by: Andy Feller <andyfeller@github.com>	2024-06-24 13:33:10 -04:00
Phill MV	c25dacc33e	Update pkg/cmd/attestation/verify/verify.go Co-authored-by: Andy Feller <andyfeller@github.com>	2024-06-24 13:32:51 -04:00
Phill MV	06607d3e95	s/originated/caller/ workflow	2024-06-24 10:05:58 -04:00
Phill MV	152607e0e8	Removed beta note from `gh at verify`, clarified reusable workflows use case.	2024-06-23 21:53:09 -04:00
Phill MV	e8a13cfed3	replaced deprecated --json-result flag with --format=json in the gh at docstring.	2024-06-04 15:52:54 -04:00
Meredith Lancaster	cd5562f5ac	Add `signer-repo` and `signer-workflow` flags to `gh attestation verify` (#9137 ) * add signer-repo and signer-workflow flags Signed-off-by: Meredith Lancaster <malancas@github.com> * add check for SignerRepo option Signed-off-by: Meredith Lancaster <malancas@github.com> * add helper function and comment for clarity Signed-off-by: Meredith Lancaster <malancas@github.com> * update flag comment Signed-off-by: Meredith Lancaster <malancas@github.com> * reference correct field Signed-off-by: Meredith Lancaster <malancas@github.com> * move function to more relevant file Signed-off-by: Meredith Lancaster <malancas@github.com> * Update pkg/cmd/attestation/verify/verify.go Co-authored-by: Zach Steindler <steiza@github.com> * Update pkg/cmd/attestation/verify/verify.go Co-authored-by: Zach Steindler <steiza@github.com> * make all reusable workflow flags mutually exclusive Signed-off-by: Meredith Lancaster <malancas@github.com> * accept signer workflow without host Signed-off-by: Meredith Lancaster <malancas@github.com> * support client optionally providing host with signer workflow flag Signed-off-by: Meredith Lancaster <malancas@github.com> * comment Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for parsing signer workflow Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com> Co-authored-by: Zach Steindler <steiza@github.com>	2024-05-30 07:40:55 -06:00
Meredith Lancaster	8d0518645f	Add integration tests for `gh attestation verify` shared workflow use case (#9107 ) * add initial shared workflow use case tests and test data Signed-off-by: Meredith Lancaster <malancas@github.com> * add more shared workflow tests Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup tests Signed-off-by: Meredith Lancaster <malancas@github.com> * pr feedback, replace shared with reusable Signed-off-by: Meredith Lancaster <malancas@github.com> * use demo repository with reusable workflow tests Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-05-28 07:13:34 -06:00
Meredith Lancaster	c9e8fd6c64	Fix `attestation verify` source repository check bug (#9053 ) * add build source repo URI extension when repo is provided, add integration tests for this change Signed-off-by: Meredith Lancaster <malancas@github.com> * add initial docs on specifying cert identity Signed-off-by: Meredith Lancaster <malancas@github.com> * wording Signed-off-by: Meredith Lancaster <malancas@github.com> * add reusable workflow example Signed-off-by: Meredith Lancaster <malancas@github.com> * add more test cases Signed-off-by: Meredith Lancaster <malancas@github.com> * tweak to verify docs --------- Signed-off-by: Meredith Lancaster <malancas@github.com> Co-authored-by: Phill MV <phillmv@github.com>	2024-05-08 07:44:52 -06:00
Phill MV	5619251faa	Tweaked gh attestation help strings to generate nicer cli manual site.	2024-04-29 16:24:54 -04:00
Andy Feller	d51ae5ced9	Update attestation's beta designation	2024-04-29 14:45:20 -04:00
Andy Feller	0740c00f0a	Add beta designation on attestation command set With the `gh attestation` command set going into public beta, users should be reminded the feature is in beta and subject to change. Both the short and long help usage are updated for individual command `--help` as well as `gh reference`.	2024-04-29 12:46:01 -04:00
Andy Feller	68dfd87f47	Merge pull request #9000 from cli/andyfeller/flag-level-disableauth proof of concept for flag-level disable auth check	2024-04-29 12:15:49 -04:00

1 2

62 commits