Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add cosign verify-bundle example #186

Merged
merged 2 commits into from
Jan 12, 2023
Merged

Add cosign verify-bundle example #186

merged 2 commits into from
Jan 12, 2023

Conversation

danbev
Copy link
Contributor

@danbev danbev commented Jan 11, 2023

Summary

This commit adds an example that uses cosign sign-blob with the --bundle option so that a bundle is generated. This bundle will then be used as an argument to verify-bundle, and it will be used to verify a blob.

Release Note

NONE

Documentation

NONE

Signed-off-by: Daniel Bevenius daniel.bevenius@gmail.com

I realize that this example is very different from the verify example. I've tried to make the usage as simple as possible, but I realize that being new to the code base I might not have enough knowledge about how this could be improved. Hopefully others can provide feedback if there are better ways of doing this.

@danbev
Add cosign verify-bundle example
70f9dc3 
This commit adds an example that uses cosign sign-blob with the
--bundle option so that a bundle is generated. This bundle will then be
used as an argument to verify-bundle, and it will be used to verify a
blob.

Signed-off-by: Daniel Bevenius <daniel.bevenius@gmail.com>
@danbev danbev mentioned this pull request Jan 12, 2023
Closed
2 tasks
flavio
flavio requested changes Jan 12, 2023
View reviewed changes
Copy link
Member

@flavio flavio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I left some small improvements and a change request.

Nice work, thanks for the contribution!

examples/cosign/verify-bundle/main.rs Outdated Show resolved Hide resolved
examples/cosign/verify-bundle/README.md Outdated Show resolved Hide resolved
examples/cosign/verify-bundle/main.rs Outdated Show resolved Hide resolved
examples/cosign/verify-bundle/main.rs Outdated Show resolved Hide resolved
examples/cosign/verify-bundle/main.rs Outdated Show resolved Hide resolved
src/cosign/bundle.rs Outdated Show resolved Hide resolved
src/cosign/bundle.rs Outdated Show resolved Hide resolved
src/cosign/bundle.rs Show resolved Hide resolved
@danbev
squash! Add cosign verify-bundle example
126b286 
Address PR review feedback.

Signed-off-by: Daniel Bevenius <daniel.bevenius@gmail.com>
flavio
flavio approved these changes Jan 12, 2023
View reviewed changes
Copy link
Member

@flavio flavio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@flavio
Copy link
Member

flavio commented Jan 12, 2023

Thanks for the contribution and for having addressed the feedback I left during the PR review

@flavio flavio merged commit 084286a into sigstore:main Jan 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@flavio flavio flavio approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@danbev @flavio