Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gh-attestation cmd integration (#8698)
* add attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * update args passed to the attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * rename file Signed-off-by: Meredith Lancaster <malancas@github.com> * use gh-attestation branch for passing iostreams from the root Signed-off-by: Meredith Lancaster <malancas@github.com> * add package security team entry to codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * start moving over verify cmd and general verification code Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up common and verify specific policy code Signed-off-by: Meredith Lancaster <malancas@github.com> * move artifact package over Signed-off-by: Meredith Lancaster <malancas@github.com> * start pulling in the github api client wrapper Signed-off-by: Meredith Lancaster <malancas@github.com> * fix imports Signed-off-by: Meredith Lancaster <malancas@github.com> * add logger and test packages Signed-off-by: Meredith Lancaster <malancas@github.com> * add additional packages to support verify command Signed-off-by: Meredith Lancaster <malancas@github.com> * fix mock api client Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up mock api client Signed-off-by: Meredith Lancaster <malancas@github.com> * include missing fields Signed-off-by: Meredith Lancaster <malancas@github.com> * use correct owner Signed-off-by: Meredith Lancaster <malancas@github.com> * add more mock api client options Signed-off-by: Meredith Lancaster <malancas@github.com> * add download cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add inspect cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * pass factory object to inspect cmd, add inspect sub cmd to attestation cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * add verify-tuf-root cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * pass iostream struct from command Signed-off-by: Meredith Lancaster <malancas@github.com> * rename logger pkg to logger Signed-off-by: Meredith Lancaster <malancas@github.com> * fix path in codeowners Signed-off-by: Meredith Lancaster <malancas@github.com> * formatter Signed-off-by: Meredith Lancaster <malancas@github.com> * go mod tidy Signed-off-by: Meredith Lancaster <malancas@github.com> * fix printf linter issue Signed-off-by: Meredith Lancaster <malancas@github.com> * fix printf linter issue Signed-off-by: Meredith Lancaster <malancas@github.com> * check user's GH host for compatibility Signed-off-by: Meredith Lancaster <malancas@github.com> * pass oci client to commands directly Signed-off-by: Meredith Lancaster <malancas@github.com> * rename command Signed-off-by: Meredith Lancaster <malancas@github.com> * mark tuf-root-verify cmd hidden Signed-off-by: Meredith Lancaster <malancas@github.com> * move client initialization back to subcommands Signed-off-by: Meredith Lancaster <malancas@github.com> * add more verbose options and logging Signed-off-by: Meredith Lancaster <malancas@github.com> * add missing logger Signed-off-by: Meredith Lancaster <malancas@github.com> * add testing around OCI and API client Signed-off-by: Meredith Lancaster <malancas@github.com> * add integration test Signed-off-by: Meredith Lancaster <malancas@github.com> * fix file path Signed-off-by: Meredith Lancaster <malancas@github.com> * fix command Signed-off-by: Meredith Lancaster <malancas@github.com> * build executable before integration test Signed-off-by: Meredith Lancaster <malancas@github.com> * split integration tests Signed-off-by: Meredith Lancaster <malancas@github.com> * remove integration test steps Signed-off-by: Meredith Lancaster <malancas@github.com> * fix flag value Signed-off-by: Meredith Lancaster <malancas@github.com> * run integration tests on ubuntu for now Signed-off-by: Meredith Lancaster <malancas@github.com> * pull over doc updates Signed-off-by: Meredith Lancaster <malancas@github.com> * delete unused test data Signed-off-by: Meredith Lancaster <malancas@github.com> * remove Go patch version Signed-off-by: Meredith Lancaster <malancas@github.com> * switch assert to require Signed-off-by: Meredith Lancaster <malancas@github.com> * rename file Signed-off-by: Meredith Lancaster <malancas@github.com> * move integration tests to prexisting test workflow Signed-off-by: Meredith Lancaster <malancas@github.com> * use platform matrix for integration tests Signed-off-by: Meredith Lancaster <malancas@github.com> * simplify build step Signed-off-by: Meredith Lancaster <malancas@github.com> * use StringEnumFlag handling Signed-off-by: Meredith Lancaster <malancas@github.com> * typo Signed-off-by: Meredith Lancaster <malancas@github.com> * use the iostreams.Test helper func Signed-off-by: Meredith Lancaster <malancas@github.com> * create interface for oci client Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for oci client Signed-off-by: Meredith Lancaster <malancas@github.com> * rename files Signed-off-by: Meredith Lancaster <malancas@github.com> * format file Signed-off-by: Meredith Lancaster <malancas@github.com> * fix shellcheck issues Signed-off-by: Meredith Lancaster <malancas@github.com> * use testing TempDir method Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup unused tempdir handling Signed-off-by: Meredith Lancaster <malancas@github.com> * use table driven tests Signed-off-by: Meredith Lancaster <malancas@github.com> * check correct cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * support repo option in download sub cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * switch over to using RunE Signed-off-by: Meredith Lancaster <malancas@github.com> * unexport top level subcommand funcs Signed-off-by: Meredith Lancaster <malancas@github.com> * add comment around keychain option Signed-off-by: Meredith Lancaster <malancas@github.com> * update comments Signed-off-by: Meredith Lancaster <malancas@github.com> * fix inconsistent naming Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for CLI commands Signed-off-by: Meredith Lancaster <malancas@github.com> * check for noattestationsfound err Signed-off-by: Meredith Lancaster <malancas@github.com> * try out metadata abstraction instead Signed-off-by: Meredith Lancaster <malancas@github.com> * switch to using MetadataStore abstraction Signed-off-by: Meredith Lancaster <malancas@github.com> * include test case with failing metadata store Signed-off-by: Meredith Lancaster <malancas@github.com> * look for err specific to file write Signed-off-by: Meredith Lancaster <malancas@github.com> * unexport fields Signed-off-by: Meredith Lancaster <malancas@github.com> * return err when an unsupported hash alg is provided Signed-off-by: Meredith Lancaster <malancas@github.com> * PrintTableToStdOut returns err when rendering fails Signed-off-by: Meredith Lancaster <malancas@github.com> * start adding sigstore verifier unit tests Signed-off-by: Meredith Lancaster <malancas@github.com> * add more sigstore verifier specific tests Signed-off-by: Meredith Lancaster <malancas@github.com> * use cli table printer Signed-off-by: Meredith Lancaster <malancas@github.com> * return JSON results in slice instead of table Signed-off-by: Meredith Lancaster <malancas@github.com> * move mock client to test file Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded table printer method Signed-off-by: Meredith Lancaster <malancas@github.com> * add initial tests for tufrootverify cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * formatting Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup method Signed-off-by: Meredith Lancaster <malancas@github.com> * close file in error handling branch Signed-off-by: Meredith Lancaster <malancas@github.com> * normalize artifact path Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded embedded file system Signed-off-by: Meredith Lancaster <malancas@github.com> * include image name reference err Signed-off-by: Meredith Lancaster <malancas@github.com> * use GH_DEBUG value for io handling Signed-off-by: Meredith Lancaster <malancas@github.com> * remove quiet and verbose flags Signed-off-by: Meredith Lancaster <malancas@github.com> * add more tufrootveriify tests Signed-off-by: Meredith Lancaster <malancas@github.com> * GitHubTUFOptions no longer needs to return error Signed-off-by: Meredith Lancaster <malancas@github.com> * remove unneeded slice Signed-off-by: Meredith Lancaster <malancas@github.com> * normalize all relative paths Signed-off-by: Meredith Lancaster <malancas@github.com> * clean up nil client checks Signed-off-by: Meredith Lancaster <malancas@github.com> * set api server based on host Signed-off-by: Meredith Lancaster <malancas@github.com> * add comment about http client Signed-off-by: Meredith Lancaster <malancas@github.com> * use format flag to handle json output in verify cmd Signed-off-by: Meredith Lancaster <malancas@github.com> * use format flag to handle json output Signed-off-by: Meredith Lancaster <malancas@github.com> * use normalized path for cli test arg Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for json output Signed-off-by: Meredith Lancaster <malancas@github.com> * cleanup error wrapping Signed-off-by: Meredith Lancaster <malancas@github.com> * use test fixtures correctly by normalizing path Signed-off-by: Meredith Lancaster <malancas@github.com> * dont clean Signed-off-by: Meredith Lancaster <malancas@github.com> * escape backwards slash for windows files with replace Signed-off-by: Meredith Lancaster <malancas@github.com> * use strings.Split func Signed-off-by: Meredith Lancaster <malancas@github.com> * use strings.Replace for all command tests Signed-off-by: Meredith Lancaster <malancas@github.com> * use CLI cache dir to store tuf metadata Signed-off-by: Meredith Lancaster <malancas@github.com> * Tweaked docstrings for gh attestation download * Tweaked docstrings for gh attestation verify * Fix for bug in gh attestation where the wrong hostname was being passed to the API client. * lets hide tuf-root-verify eh? * Forgot verify's short str. * add remote verification test Signed-off-by: Meredith Lancaster <malancas@github.com> * Revert "add remote verification test" This reverts commit c0ceb99. * update json result handling Signed-off-by: Meredith Lancaster <malancas@github.com> * add json tags to struct returned by command Signed-off-by: Meredith Lancaster <malancas@github.com> * fix how json results are handled Signed-off-by: Meredith Lancaster <malancas@github.com> * add test to ensure JSON output is valid Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com> Co-authored-by: Phill MV <phillmv@github.com>
- Loading branch information