Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add support outputting rekor response on signing #3248

Merged

Conversation

vishal-chdhry
Copy link
Contributor

Summary

Closes: #3110

Previously, there's no support for outputting a bundle with cosign sign (code), only sign-blob (code). This PR adds support for outputting rekor response on signing. This supports use-cases where a signer does not want to attach metadata immediately to the container.

Release Note

Added support outputting rekor response on signing with cosign sign

Documentation

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
@codecov
Copy link

codecov bot commented Sep 17, 2023

Codecov Report

Merging #3248 (2f5402b) into main (44f7703) will increase coverage by 0.47%.
Report is 45 commits behind head on main.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main    #3248      +/-   ##
==========================================
+ Coverage   30.35%   30.82%   +0.47%     
==========================================
  Files         155      155              
  Lines        9845     9967     +122     
==========================================
+ Hits         2988     3072      +84     
- Misses       6410     6442      +32     
- Partials      447      453       +6     
Files Coverage Δ
cmd/cosign/cli/sign/sign.go 13.07% <0.00%> (-1.18%) ⬇️

... and 11 files with indirect coverage changes

Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a test for this too?

cmd/cosign/cli/sign/sign.go Outdated Show resolved Hide resolved
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
@vishal-chdhry
Copy link
Contributor Author

@haydentherapper I have added a test and updated the logic, can you please review it

Besides, I cannot run/debug tests in test/e2e_test.go. I think gopls is not working for me in that file, autocomplete does not work either. Is there anything I need to configure? I am using VSCode.

Copy link
Contributor

@haydentherapper haydentherapper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One tiny comment, looks good!

test/e2e_test.go Outdated
@@ -951,6 +951,51 @@ func TestRekorBundle(t *testing.T) {
must(verify(pubKeyPath, imgName, true, nil, ""), t)
}

func TestRekorOutput(t *testing.T) {
// turn on the tlog
defer setenv(t, env.VariableExperimental.String(), "1")()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you remove, the experimental flag is no longer used?

Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
@vishal-chdhry
Copy link
Contributor Author

@haydentherapper Removed the flag

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Support outputting Rekor response on signing
3 participants