Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide certificate flags to all verify commands #1305

Merged
merged 1 commit into from Jan 13, 2022
Merged

Provide certificate flags to all verify commands #1305

merged 1 commit into from Jan 13, 2022

Conversation

haydentherapper
Copy link
Contributor

Small refactor to provide the cert and cert-email
flags to all verify commands. cert-email will be
optionally used to when verifying a Fulcio certificate
to pin the cert identity. This refactor makes it easier
to add additional cert validations.

Also removed Fulcio flags from attestation verification, as they were unused.

Signed-off-by: Hayden Blauzvern hblauzvern@google.com

Summary

Ticket Link

Release Note

* Added support for providing a local or hosted certificate to verify attestations
* All verify commands now can optionally validate the Fulcio certificate email

@haydentherapper
Provide certificate flags to all verify commands
8cace74 
Small refactor to provide the cert and cert-email
flags to all verify commands. cert-email will be
optionally used to when verifying a Fulcio certificate
to pin the cert identity. This refactor makes it easier
to add additional cert validations.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
@haydentherapper haydentherapper mentioned this pull request Jan 13, 2022
Merged
dlorenc
dlorenc approved these changes Jan 13, 2022
View reviewed changes
Copy link
Member

@dlorenc dlorenc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nicely done!

@dlorenc dlorenc merged commit 46cf94b into sigstore:main Jan 13, 2022
@github-actions github-actions bot added this to the v1.5.0 milestone Jan 13, 2022
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@haydentherapper @mlieberman85
Provide certificate flags to all verify commands (sigstore#1305)
7d42b8a 
Small refactor to provide the cert and cert-email
flags to all verify commands. cert-email will be
optionally used to when verifying a Fulcio certificate
to pin the cert identity. This refactor makes it easier
to add additional cert validations.

Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.5.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@haydentherapper @dlorenc