Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

move verify-dockerfile to dockerfile verify #662

Merged
merged 2 commits into from
Sep 14, 2021

Conversation

dekkagaijin
Copy link
Member

@dekkagaijin dekkagaijin commented Sep 14, 2021

BREAKING

This command group lets us begin splitting up image discovery from image signature creation/verification. Another subcommand I'm imagining is:

  • dockerfile resolve-images which resolves FROM image:tags to FROM image@sha256:digest and either outputs the list of image digests (e.g. for something like cosign dockerfile resolve-images $FILE | xargs cosign verify) or outputs a re-written file (to STDOUT or in-place).

@dekkagaijin
Copy link
Member Author

/cc @mattmoor

Signed-off-by: Jake Sanders <jsand@google.com>
@dekkagaijin
Copy link
Member Author

/cc @developer-guy

@dekkagaijin
Copy link
Member Author

I'm thinking that my concerns about maintainability we'd be taking on by adding new commands and functionality for image discovery would be at least partially ameliorated by formally separating functionality out into different commands. This lets us avoid a situation where we have to support a cross-product of functionality for both a) processing dockerfiles and b) signing/verifying images under a single surface

return &ffcli.Command{
Name: "dockerfile",
ShortUsage: "cosign dockerfile",
ShortHelp: "Provides utilities for attaching artifacts to other artifacts in a registry",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sounds wrong

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

// See the License for the specific language governing permissions and
// limitations under the License.

package dockerfile
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for putting this into its own package 🤩 cli is getting crowded

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, been splitting subcommand groups into their own folders

Signed-off-by: Jake Sanders <jsand@google.com>
@priyawadhwa priyawadhwa merged commit 1b1cafc into sigstore:main Sep 14, 2021
@dekkagaijin dekkagaijin deleted the dockerfile branch September 14, 2021 20:56
@cpanato cpanato added this to the v1.2.0 milestone Sep 15, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants