cosign icon indicating copy to clipboard operation
cosign copied to clipboard

Published 20 hours ago verified publisher icon sigstore

add handling of keyless verification for all verify commands

Open dmitris opened this issue 1 year ago • 1 comments
trafficstars

Summary

Copy the handling of non-Fulcio keys from the verify to all the other verify commands (verify-attestation, verify-blob, verify-blob-attestations).

Currently the large code snippets for the if keylessVerification(c.KeyRef, c.Sk) { code are copied verbatim into several files (yikes!) - the intention is to factor this out into a helper function.

Fix #3759.

Release Note

  • add keyless verification and --ca-roots / --ca-intermediates parameters to the verify-attestation, verify-blob, and verify-blob-attestations commands (in addition to verify)

Documentation

TODO - create a corresponding https://github.com/sigstore/docs PR

dmitris avatar Jul 02 '24 18:07 dmitris