STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7860 commits 87 branches 0 tags 160 MiB
Commit graph

93 commits

Author SHA1 Message Date
Meredith Lancaster
50d335566d check specific err 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-10 10:47:06 -06:00
Meredith Lancaster
3814e82f9b check err in GetLocalAttestations 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-10 10:32:46 -06:00
Meredith Lancaster
f748f9e65f Merge remote-tracking branch 'upstream/trunk' into verification-err-output 2024-09-10 09:04:57 -06:00
Meredith Lancaster
83519e4e92 check for sigstore-go validation errs 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-10 07:54:45 -06:00
William Martin
78c1d00ecc
Merge pull request #9577 from cli/move-non-integration-test 
Move non-integration tests to different test file
 2024-09-10 15:43:25 +02:00
Meredith Lancaster
bbefc5b24f handle os.PathError in GetLocalAttestations 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-09 08:53:11 -06:00
Meredith Lancaster
945e2b7eee
Merge branch 'trunk' into verification-err-output 2024-09-09 08:23:01 -06:00
Cody Soyland
b14e430441
Check for nil values to prevent nil dereference panic 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-06 15:22:43 -04:00
Cody Soyland
500b619a5e
Move non-integration test to different test file 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-06 13:55:25 -04:00
Meredith Lancaster
668706ccf5 print verify err 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-05 13:29:22 -06:00
Meredith Lancaster
57b20291bd check for os.PathError 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-05 13:20:13 -06:00
Meredith Lancaster
7c405e8b6e dont print err content 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-05 08:16:34 -06:00
Cody Soyland
ea1a3da1eb
Rename ProtobufBundle to Bundle 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-04 16:45:02 -04:00
Cody Soyland
8446079656
Upgrade to sigstore-go v0.6.1 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-04 16:38:13 -04:00
Meredith Lancaster
1b67b354a9 update bundle file parsing err messages 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-04 13:30:30 -06:00
Meredith Lancaster
34d7ef7a0e
gh attestation verify handles empty JSONL files (#9541) 
* handle empty jsonl files

Signed-off-by: Meredith Lancaster <malancas@github.com>

* check processed attestations slice length

Signed-off-by: Meredith Lancaster <malancas@github.com>

* update err name and message

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-09-04 10:31:41 -06:00
Aryan Bhosale
9a0a7d427e
verify 2nd artifact without swapping order (#9532) 
* verify 2nd artifact without swapping order

possible solution to https://github.com/cli/cli/issues/9521#issuecomment-2310686619?

* copy the mentioned test file and adds some extra lines

* rm unnecessary import

* Update pkg/cmd/attestation/verification/attestation_test.go

Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>

* gofmt

---------

Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>
 2024-09-04 08:57:56 -06:00
Aryan Bhosale
8305a49c3f
"offline" verification using the bundle of attestations without any additional handling of the file (#9523) 2024-08-26 09:58:29 -06:00
Eugene
e21d053faf
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-21 12:24:08 -04:00
ejahnGithub
0d38a2fd8e fixed the test 2024-08-21 10:52:42 -04:00
ejahnGithub
47a8f4bbdd update error message 2024-08-20 16:14:39 -04:00
ejahnGithub
3fd309bdde rename flag to bundle-from-oci 2024-08-19 10:29:01 -04:00
Eugene
04e111db03
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-15 13:31:41 -04:00
Cody Soyland
4618a267de
Update attestation TUF root 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-15 13:06:54 -04:00
ejahnGithub
05891965d0 udpate the options 2024-08-15 11:56:28 -04:00
ejahnGithub
5ae03d6e87 addded more test 2024-08-12 07:10:19 -07:00
Cody Soyland
35b2cf70cf
Change to requiring bundle v0.2 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:36:16 -04:00
Cody Soyland
b783441540
Fix tests 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:14:04 -04:00
Cody Soyland
574e131072
Require Sigstore Bundle v0.3 when verifying with gh attestation 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-08-09 16:02:04 -04:00
Eugene
cc0fe091c4
Merge branch 'trunk' into eugene/attestation/fetch-oci-bundle 2024-08-07 10:21:34 -07:00
ejahnGithub
832a43072c minor fixed 2024-08-07 10:19:47 -07:00
ejahnGithub
d1cd69c81c minor fixed 2024-08-07 10:16:30 -07:00
ejahnGithub
57aea664e5 added test 2024-08-07 10:10:59 -07:00
ejahnGithub
bad127c342 clean naming 2024-08-05 12:56:35 -07:00
ejahnGithub
8ae4f1cfb9 add contain check 2024-08-05 12:53:43 -07:00
ejahnGithub
8d17896080 refactor the logic and logging 2024-08-05 12:25:52 -07:00
ejahnGithub
20d3931427 tmp 2024-08-05 09:11:25 -07:00
Yukai Chou
d7b8ecf33d Unify use of tab indent in non-test source files 
Found with
    rg '(^ | \t|\t )' -g '*.go' -g '!*_test.go'

Mixed indent exceptions:
- wrapped long list items with extra 2-space indent
- code snippets using space indent
- commented code lines having "\t*// \t+" prefix
 2024-08-03 00:35:30 +08:00
ejahnGithub
1eaf712dd1 update test and remove logic to check SourceRepositoryOwnerURI is empty string 2024-07-31 07:29:43 -07:00
ejahnGithub
596ee8bd71 update test 2024-07-30 13:22:49 -07:00
ejahnGithub
580ddf6997 minor fix 2024-07-30 13:14:16 -07:00
ejahnGithub
e21e5ef5c5 update test 2024-07-30 13:09:28 -07:00
ejahnGithub
c1adb1a6cf added 2024-07-30 12:24:27 -07:00
ejahnGithub
dc4e9cb532 handle attest case insensitivity 2024-07-30 12:11:25 -07:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Zach Steindler
a81a1f7e90
Remove attestation test that requires being online (#9340) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-19 09:24:47 -04:00
Zach Steindler
f972050dc9
gh attestation trusted-root subcommand (#9206) 
Adds `trusted-root` subcommand to `gh attestation`.

For use in upcoming docs on how to do offline verification with artifact
attestations.

---------

Signed-off-by: Zach Steindler <steiza@github.com>
Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
 2024-07-01 11:50:39 -04:00
Phill MV
c9f9fac7dc
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:33:10 -04:00
Phill MV
c25dacc33e
Update pkg/cmd/attestation/verify/verify.go 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-06-24 13:32:51 -04:00
Phill MV
06607d3e95 s/originated/caller/ workflow 2024-06-24 10:05:58 -04:00