From e1e01533204959094cb0ac834a729474fe39e27d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?= <batuhan.apaydin@trendyol.com>
Date: Thu, 27 Jan 2022 16:57:49 +0300
Subject: [PATCH] docs: verify-attestation cue and rego policy doc (#1362)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
---
 cmd/cosign/cli/verify.go         | 8 +++++++-
 doc/cosign_verify-attestation.md | 6 ++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/cmd/cosign/cli/verify.go b/cmd/cosign/cli/verify.go
index 33288324fcc..e518aada94b 100644
--- a/cmd/cosign/cli/verify.go
+++ b/cmd/cosign/cli/verify.go
@@ -153,7 +153,13 @@ against the transparency log.`,
   cosign verify-attestation --key gitlab://[OWNER]/[PROJECT_NAME] <IMAGE>
 
   # verify image with public key stored in GitLab with project id
-  cosign verify-attestation --key gitlab://[PROJECT_ID] <IMAGE>`,
+  cosign verify-attestation --key gitlab://[PROJECT_ID] <IMAGE>
+
+  # verify image with public key and validate attestation based on Rego policy
+  cosign verify-attestation --key cosign.pub --type <PREDICATE_TYPE> --policy <REGO_POLICY> <IMAGE>
+
+  # verify image with public key and validate attestation based on CUE policy
+  cosign verify-attestation --key cosign.pub --type <PREDICATE_TYPE> --policy <CUE_POLICY> <IMAGE>`,
 
 		Args: cobra.MinimumNArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
diff --git a/doc/cosign_verify-attestation.md b/doc/cosign_verify-attestation.md
index a381f8b607f..a3d40a9022b 100644
--- a/doc/cosign_verify-attestation.md
+++ b/doc/cosign_verify-attestation.md
@@ -48,6 +48,12 @@ cosign verify-attestation [flags]
 
   # verify image with public key stored in GitLab with project id
   cosign verify-attestation --key gitlab://[PROJECT_ID] <IMAGE>
+
+  # verify image with public key and validate attestation based on Rego policy
+  cosign verify-attestation --key cosign.pub --type <PREDICATE_TYPE> --policy <REGO_POLICY> <IMAGE>
+
+  # verify image with public key and validate attestation based on CUE policy
+  cosign verify-attestation --key cosign.pub --type <PREDICATE_TYPE> --policy <CUE_POLICY> <IMAGE>
 ```
 
 ### Options