cosign icon indicating copy to clipboard operation
cosign copied to clipboard

Published 20 hours ago verified publisher icon sigstore

Refactor + Minor Fixes in key gen and key import commands

Open sbs2001 opened this issue 3 years ago • 2 comments

Refactors:

  • [X] Use the ConfirmPrompt function everywhere instead of rolling prompt implementation everywhere.
  • [ ] Move pkg/cosign/common.go to internal package.
  • [ ] Maybe have a single function for writing + handling perms for private & public key.

Fixes:

Address https://github.com/sigstore/cosign/blob/1d224d924197d3fab3f624a5cbe27f25d934e9f2/cmd/cosign/cli/generate/generate_key_pair.go#L101 and https://github.com/sigstore/cosign/blob/1d224d924197d3fab3f624a5cbe27f25d934e9f2/cmd/cosign/cli/importkeypair/import_key_pair.go#L52

sbs2001 avatar Jul 01 '22 14:07 sbs2001

@asraa and @venafi-iw could you please clarify what the TODO precisely means ;) Is it perm locking down in the sense of doing something equivalent to chattr +i <key_file> ?

sbs2001 avatar Jul 01 '22 14:07 sbs2001

This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] avatar Aug 19 '22 02:08 github-actions[bot]

This PR was closed because it has been stalled for 10 days with no activity.

github-actions[bot] avatar Aug 29 '22 02:08 github-actions[bot]