Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a flag to disable ambient credential usage for cosign sign #1819

Closed
di opened this issue Apr 29, 2022 · 2 comments · Fixed by #1832
Closed

Add a flag to disable ambient credential usage for cosign sign #1819

di opened this issue Apr 29, 2022 · 2 comments · Fixed by #1832
Labels
enhancement New feature or request

Comments

@di
Copy link
Member

di commented Apr 29, 2022

Description

It'd be helpful to add a flag that prevents cosign sign from automatically picking up on ambient credentials. This would be useful for usage in environments that may have ambient credentials available, but the user might want to sign via the OAuth flow instead.

Right now, users need to manually determine which environment variables cosign is picking up on and unset/modify them when calling cosign sign to force it to use the OAuth flow.
@di di added the enhancement New feature or request label Apr 29, 2022
@di di mentioned this issue Apr 29, 2022
Closed
@dlorenc
Copy link
Member

dlorenc commented Apr 29, 2022

sgtm!

@znewman01
Copy link
Contributor

IMO you should be able to force it both ways: disallow ambient credential usage, or require it (with the default remaining as it is today: use it if it's there).

@puerco puerco mentioned this issue May 2, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

New flag --oidc-providers-disable to disable OIDC providers puerco/cosign
3 participants
@di @znewman01 @dlorenc