Fulcio returns 200 if there's no RootCert #415
Labels
bug
Something isn't working
Comments
|
Oh dear yeah there is no status setting anywhere there. There should also be a return statement under all the error handling so so we trundle onward after hitting errrors |
vaikas
added a commit
to vaikas/fulcio
that referenced
this issue
Feb 17, 2022
Fixes: sigstore#415 Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
vaikas
added a commit
to vaikas/fulcio
that referenced
this issue
Feb 17, 2022
Fixes: sigstore#415 Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
dlorenc
pushed a commit
that referenced
this issue
Feb 17, 2022
* Return an error if we fail get get the Root cert. Fixes: #415 Signed-off-by: Ville Aikas <vaikas@chainguard.dev> * use a fake CA for testing Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Calling Fulcio to fetch rootCert returns 200 even if there's an error, it's just logged.
https://github.com/sigstore/fulcio/blob/main/pkg/api/ca.go#L242
This looks to caller like things worked, but then they'd have to verify the output in addition to error checking. We should return an error to the caller.
/assign vaikas
The text was updated successfully, but these errors were encountered: