Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add --ca-roots and --ca-intermediates flags to 'cosign verify' #3464

Merged
merged 13 commits into from
Jul 1, 2024

Commits on Jun 26, 2024

  1. add --certificate-bundle flag to 'cosign verify'

    Related to issue sigstore#3462.  Current commit adds the flag
    to verify the CLI options.  The new flag doesn't have
    any effect yet (will add in follow-up PRs).
    
    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    3663f23 View commit details
    Browse the repository at this point in the history
  2. Add --ca-roots flag for 'cosign verify'

    Add --ca-roots command-line flag for 'cosign verify'
    to enable verifying cosign signatures using PEM bundles
    of CA roots. Whether to also add --ca-intermediates flag
    is TBD.  Unit tests will be added in the next commit(s).
    
    Fixes sigstore#3462.
    
    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    b6b9371 View commit details
    Browse the repository at this point in the history
  3. add functional tests for --ca-roots flag

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    e333eb8 View commit details
    Browse the repository at this point in the history
  4. setup-crane action for e2e_test_pkcs11.sh

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    2ecf4c3 View commit details
    Browse the repository at this point in the history
  5. rebase on trunk

    Signed-off-by: Dmitry Savintsev <dsavints@yahooinc.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    c5ca7b4 View commit details
    Browse the repository at this point in the history
  6. transform gencert subpackage to helper function

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    8131308 View commit details
    Browse the repository at this point in the history
  7. use the trunk version of workflows/e2e-tests.yml

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    701bad7 View commit details
    Browse the repository at this point in the history
  8. correct certificate generation for e2e tests

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    da3779d View commit details
    Browse the repository at this point in the history
  9. refactor test cert/keys generation and corresponding test

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    ee0ece0 View commit details
    Browse the repository at this point in the history
  10. add license header

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    70ed9f9 View commit details
    Browse the repository at this point in the history
  11. remove test shell scripts

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    c437f56 View commit details
    Browse the repository at this point in the history

Commits on Jul 1, 2024

  1. remove unused certFile param to verifyCertBundle

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jul 1, 2024
    Configuration menu
    Copy the full SHA
    ec1abdf View commit details
    Browse the repository at this point in the history
  2. remove duplicate test functions

    Signed-off-by: Dmitry S <dsavints@gmail.com>
    dmitris committed Jul 1, 2024
    Configuration menu
    Copy the full SHA
    f1be17d View commit details
    Browse the repository at this point in the history