Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/cosign repository #45

Merged
merged 19 commits into from
Feb 9, 2024
Merged

Feat/cosign repository #45

merged 19 commits into from
Feb 9, 2024

Conversation

puffitos
Copy link
Collaborator

@puffitos puffitos commented Feb 8, 2024
edited
Loading

Motivation

Closes #44

Changes

  • Added a function to retrieve the env variable COSIGN_REPOSITORY from the container's env.
  • If present, the remote Options for the OCI check are changed, so that the COSIGN_REPOSITORY is used for singature verification
  • Added a new struct for the framework, to allow saving signatures of containers used to other repositories

Tests done

  • New passing E2E test

@puffitos
refactor: more robust E2E tests
a72b0f1 
Added a new test case for the COSIGN_REPOSITORY variable
and made the e2e tests more robust by properly handling timeouts,
which weren't working half the time.

Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: added linting suggestions
ea177de 
- Reduced complexity of Server
- Reduce memory footprint for checking loops
- Other minor renamings & fixes

Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
fix: E2E tests should work now
b0a99f7 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: removed dead test & renamed slog back to log
82cfaa9 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: removed comment
ff2b042 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: bumped deps & added some comments
06bc68c 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: install go version for e2e tests
143308b 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: merged from main
096928c 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: moved back to placeholder logs in main
04d1955 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: added godoc
cbcb14c 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
feat: allow non-default verification of images with different signatu…
08bb39e 
…re repository

Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
docs: documented feature
3f55ab3 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: unordered list formatting fixed
7395531 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
fix: failure tests fail reliably now
9ad9299 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
[skip ci] chore: re-arrange functions
71a3819 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: readme cleanup & more info on e2e
2e30275 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos
chore: merged from main
bfdbc94 
Signed-off-by: Bruno Bressi <bruno.bressi@telekom.de>
@puffitos puffitos added this to the 4.1.0 milestone Feb 8, 2024
@puffitos puffitos requested a review from eumel8 February 8, 2024 11:11
@puffitos puffitos self-assigned this Feb 8, 2024
@eumel8
Copy link
Owner

eumel8 commented Feb 9, 2024

@puffitos : many thanks for the feature and the amazing test framework!

@eumel8 eumel8 merged commit 4629548 into main Feb 9, 2024
12 checks passed
@eumel8 eumel8 deleted the feat/cosign-repository branch February 9, 2024 16:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eumel8 eumel8 Awaiting requested review from eumel8

Assignees

@puffitos puffitos

Labels
None yet
Projects
None yet
Milestone
4.1.0
Development

Successfully merging this pull request may close these issues.

Support COSIGN_REPOSITORY variable to allow signatures to be read from other image repositories
2 participants
@puffitos @eumel8