STACKITGit/cli - Git hosting by STACKIT

Author	SHA1	Message	Date
Meredith Lancaster	5f6e720a50	reorder policy enforcement criteria print out Signed-off-by: Meredith Lancaster <malancas@github.com>	2025-01-22 13:27:56 -07:00
Phill MV	dd95e5a863	tweak output of build policy info	2024-12-13 15:55:49 -05:00
Meredith Lancaster	389d0b31dc	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-26 13:49:32 -07:00
Meredith Lancaster	92c623ab54	var naming Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-26 13:38:09 -07:00
Meredith Lancaster	a326f5cb18	drop table view Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-26 13:36:51 -07:00
Meredith Lancaster	645d7501f0	order policy info so relevant info is printed next to each other Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-26 13:35:19 -07:00
Meredith Lancaster	c7d3e6daeb	Update pkg/cmd/attestation/verification/policy.go Co-authored-by: Phill MV <phillmv@github.com>	2024-11-25 14:50:16 -07:00
Meredith Lancaster	4b83d8e73b	Update pkg/cmd/attestation/verification/policy.go Co-authored-by: Phill MV <phillmv@github.com>	2024-11-25 14:49:56 -07:00
Meredith Lancaster	241bb2edd1	Update pkg/cmd/attestation/verification/policy.go Co-authored-by: Phill MV <phillmv@github.com>	2024-11-25 14:49:44 -07:00
Meredith Lancaster	a170c91c6d	experiment with table output Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-20 09:04:42 -07:00
Meredith Lancaster	08a66f5383	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-19 14:26:15 -07:00
Meredith Lancaster	b787a8b785	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-18 13:39:06 -07:00
Meredith Lancaster	a89071c30d	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-18 12:25:57 -07:00
Meredith Lancaster	cfbc1c7e10	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-18 12:16:12 -07:00
Meredith Lancaster	6ca5e6f18c	add newlines for additional policy info Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-18 11:42:39 -07:00
Meredith Lancaster	a56ff4a0eb	wording Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-14 10:29:24 -07:00
Meredith Lancaster	91577594de	formatting Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-14 10:20:48 -07:00
Meredith Lancaster	c7e4411a88	print policy information before verifying Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-07 13:16:13 -07:00
Meredith Lancaster	07e9a4a19d	add initial policy info method Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-07 11:08:58 -07:00
Meredith Lancaster	b9c9f0acc2	move comment Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-11-04 07:35:42 -07:00
Meredith Lancaster	a7a70fc91c	check for SAN and SANRegex Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-31 16:59:25 -06:00
Meredith Lancaster	50cda0df44	add Valid method for EnforcementCriteria Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-31 16:56:49 -06:00
Meredith Lancaster	8336f797ad	use sigstore-go certificate.Summary type for criteria Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-31 16:27:21 -06:00
Meredith Lancaster	6f4b5ddc40	remove artifact from EnforcementCriteria Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-31 16:07:25 -06:00
Meredith Lancaster	bb0dcd9db4	fix wrong field settings Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-30 17:19:15 -06:00
Meredith Lancaster	b44c9d3003	undo policy method changes Signed-off-by: Meredith Lancaster <malancas@github.com>	2024-10-30 15:23:50 -06:00
Meredith Lancaster	90b7bf97c5	gh-attestation cmd integration (#8698 ) * add attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * update args passed to the attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * rename file Signed-off-by: Meredith Lancaster <malancas@github.com> * use gh-attestation branch for passing iostreams from the root Signed-off-by: Meredith Lancaster <malancas@github.com> * add package security team entry to codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * start moving over verify cmd and general verification code Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up common and verify specific policy code Signed-off-by: Meredith Lancaster <malancas@github.com> * move artifact package over Signed-off-by: Meredith Lancaster <malancas@github.com> * start pulling in the github api client wrapper Signed-off-by: Meredith Lancaster <malancas@github.com> * fix imports Signed-off-by: Meredith Lancaster <malancas@github.com> * add logger and test packages Signed-off-by: Meredith Lancaster <malancas@github.com> * add additional packages to support verify command Signed-off-by: Meredith Lancaster <malancas@github.com> * fix mock api client Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up mock api client Signed-off-by: Meredith Lancaster <malancas@github.com> * include missing fields Signed-off-by: Meredith Lancaster <malancas@github.com> * use correct owner Signed-off-by: Meredith Lancaster <malancas@github.com> * add more mock api client options Signed-off-by: Meredith Lancaster <malancas@github.com> * add download cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add inspect cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * pass factory object to inspect cmd, add inspect sub cmd to attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add verify-tuf-root cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * pass iostream struct from command Signed-off-by: Meredith Lancaster <malancas@github.com> * rename logger pkg to logger Signed-off-by: Meredith Lancaster <malancas@github.com> * fix path in codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * formatter Signed-off-by: Meredith Lancaster <malancas@github.com> * go mod tidy Signed-off-by: Meredith Lancaster <malancas@github.com> * fix printf linter issue Signed-off-by: Meredith Lancaster <malancas@github.com> * fix printf linter issue Signed-off-by: Meredith Lancaster <malancas@github.com> * check user's GH host for compatibility Signed-off-by: Meredith Lancaster <malancas@github.com> * pass oci client to commands directly Signed-off-by: Meredith Lancaster <malancas@github.com> * rename command Signed-off-by: Meredith Lancaster <malancas@github.com> * mark tuf-root-verify cmd hidden Signed-off-by: Meredith Lancaster <malancas@github.com> * move client initialization back to subcommands Signed-off-by: Meredith Lancaster <malancas@github.com> * add more verbose options and logging Signed-off-by: Meredith Lancaster <malancas@github.com> * add missing logger Signed-off-by: Meredith Lancaster <malancas@github.com> * add testing around OCI and API client Signed-off-by: Meredith Lancaster <malancas@github.com> * add integration test Signed-off-by: Meredith Lancaster <malancas@github.com> * fix file path Signed-off-by: Meredith Lancaster <malancas@github.com> * fix command Signed-off-by: Meredith Lancaster <malancas@github.com> * build executable before integration test Signed-off-by: Meredith Lancaster <malancas@github.com> * split integration tests Signed-off-by: Meredith Lancaster <malancas@github.com> * remove integration test steps Signed-off-by: Meredith Lancaster <malancas@github.com> * fix flag value Signed-off-by: Meredith Lancaster <malancas@github.com> * run integration tests on ubuntu for now Signed-off-by: Meredith Lancaster <malancas@github.com> * pull over doc updates Signed-off-by: Meredith Lancaster <malancas@github.com> * delete unused test data Signed-off-by: Meredith Lancaster <malancas@github.com> * remove Go patch version Signed-off-by: Meredith Lancaster <malancas@github.com> * switch assert to require Signed-off-by: Meredith Lancaster <malancas@github.com> * rename file Signed-off-by: Meredith Lancaster <malancas@github.com> * move integration tests to prexisting test workflow Signed-off-by: Meredith Lancaster <malancas@github.com> * use platform matrix for integration tests Signed-off-by: Meredith Lancaster <malancas@github.com> * simplify build step Signed-off-by: Meredith Lancaster <malancas@github.com> * use StringEnumFlag handling Signed-off-by: Meredith Lancaster <malancas@github.com> * typo Signed-off-by: Meredith Lancaster <malancas@github.com> * use the iostreams.Test helper func Signed-off-by: Meredith Lancaster <malancas@github.com> * create interface for oci client Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for oci client Signed-off-by: Meredith Lancaster <malancas@github.com> * rename files Signed-off-by: Meredith Lancaster <malancas@github.com> * format file Signed-off-by: Meredith Lancaster <malancas@github.com> * fix shellcheck issues Signed-off-by: Meredith Lancaster <malancas@github.com> * use testing TempDir method Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup unused tempdir handling Signed-off-by: Meredith Lancaster <malancas@github.com> * use table driven tests Signed-off-by: Meredith Lancaster <malancas@github.com> * check correct cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * support repo option in download sub cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * switch over to using RunE Signed-off-by: Meredith Lancaster <malancas@github.com> * unexport top level subcommand funcs Signed-off-by: Meredith Lancaster <malancas@github.com> * add comment around keychain option Signed-off-by: Meredith Lancaster <malancas@github.com> * update comments Signed-off-by: Meredith Lancaster <malancas@github.com> * fix inconsistent naming Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for CLI commands Signed-off-by: Meredith Lancaster <malancas@github.com> * check for noattestationsfound err Signed-off-by: Meredith Lancaster <malancas@github.com> * try out metadata abstraction instead Signed-off-by: Meredith Lancaster <malancas@github.com> * switch to using MetadataStore abstraction Signed-off-by: Meredith Lancaster <malancas@github.com> * include test case with failing metadata store Signed-off-by: Meredith Lancaster <malancas@github.com> * look for err specific to file write Signed-off-by: Meredith Lancaster <malancas@github.com> * unexport fields Signed-off-by: Meredith Lancaster <malancas@github.com> * return err when an unsupported hash alg is provided Signed-off-by: Meredith Lancaster <malancas@github.com> * PrintTableToStdOut returns err when rendering fails Signed-off-by: Meredith Lancaster <malancas@github.com> * start adding sigstore verifier unit tests Signed-off-by: Meredith Lancaster <malancas@github.com> * add more sigstore verifier specific tests Signed-off-by: Meredith Lancaster <malancas@github.com> * use cli table printer Signed-off-by: Meredith Lancaster <malancas@github.com> * return JSON results in slice instead of table Signed-off-by: Meredith Lancaster <malancas@github.com> * move mock client to test file Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded table printer method Signed-off-by: Meredith Lancaster <malancas@github.com> * add initial tests for tufrootverify cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * formatting Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup method Signed-off-by: Meredith Lancaster <malancas@github.com> * close file in error handling branch Signed-off-by: Meredith Lancaster <malancas@github.com> * normalize artifact path Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded embedded file system Signed-off-by: Meredith Lancaster <malancas@github.com> * include image name reference err Signed-off-by: Meredith Lancaster <malancas@github.com> * use GH_DEBUG value for io handling Signed-off-by: Meredith Lancaster <malancas@github.com> * remove quiet and verbose flags Signed-off-by: Meredith Lancaster <malancas@github.com> * add more tufrootveriify tests Signed-off-by: Meredith Lancaster <malancas@github.com> * GitHubTUFOptions no longer needs to return error Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded slice Signed-off-by: Meredith Lancaster <malancas@github.com> * normalize all relative paths Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up nil client checks Signed-off-by: Meredith Lancaster <malancas@github.com> * set api server based on host Signed-off-by: Meredith Lancaster <malancas@github.com> * add comment about http client Signed-off-by: Meredith Lancaster <malancas@github.com> * use format flag to handle json output in verify cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * use format flag to handle json output Signed-off-by: Meredith Lancaster <malancas@github.com> * use normalized path for cli test arg Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for json output Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup error wrapping Signed-off-by: Meredith Lancaster <malancas@github.com> * use test fixtures correctly by normalizing path Signed-off-by: Meredith Lancaster <malancas@github.com> * dont clean Signed-off-by: Meredith Lancaster <malancas@github.com> * escape backwards slash for windows files with replace Signed-off-by: Meredith Lancaster <malancas@github.com> * use strings.Split func Signed-off-by: Meredith Lancaster <malancas@github.com> * use strings.Replace for all command tests Signed-off-by: Meredith Lancaster <malancas@github.com> * use CLI cache dir to store tuf metadata Signed-off-by: Meredith Lancaster <malancas@github.com> * Tweaked docstrings for gh attestation download * Tweaked docstrings for gh attestation verify * Fix for bug in gh attestation where the wrong hostname was being passed to the API client. * lets hide tuf-root-verify eh? * Forgot verify's short str. * add remote verification test Signed-off-by: Meredith Lancaster <malancas@github.com> * Revert "add remote verification test" This reverts commit `c0ceb99ca8`. * update json result handling Signed-off-by: Meredith Lancaster <malancas@github.com> * add json tags to struct returned by command Signed-off-by: Meredith Lancaster <malancas@github.com> * fix how json results are handled Signed-off-by: Meredith Lancaster <malancas@github.com> * add test to ensure JSON output is valid Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com> Co-authored-by: Phill MV <phillmv@github.com>	2024-04-01 11:13:47 -06:00

27 commits