
feat: cosign keyless support

Open xopham opened this issue 2 years ago • 2 comments

Fixes #141

Description

  • adds support for cosign keyless signatures via OIDC

:warning: WIP Notes:

  • integration test should be added
  • requires specification of rekor root cert and rekor url (host flag?)
  • should allow specifying the issuer as well to avoid malicious OIDC from a malicious identity provider

Checklist

  • [ ] PR is rebased to/aimed at branch develop
  • [ ] PR follows Contributing Guide
  • [ ] Added tests (if necessary)
  • [ ] Extended README/Documentation (if necessary)
  • [ ] Adjusted versions of image and Helm chart in values.yaml and Chart.yaml (if necessary)

xopham avatar Nov 05 '21 16:11 xopham

Codecov Report

Merging #407 (aaf2f1e) into develop (6102a6f) will decrease coverage by 0.14%. The diff coverage is 100.00%.

@@             Coverage Diff             @@
##           develop     #407      +/-   ##
===========================================
- Coverage    96.81%   96.66%   -0.15%     
===========================================
  Files           22       22              
  Lines         1226     1231       +5     
===========================================
+ Hits          1187     1190       +3     
- Misses          39       41       +2     
Impacted Files Coverage Δ
connaisseur/validators/cosign/cosign_validator.py 97.91% <100.00%> (-1.37%) :arrow_down:

codecov-commenter avatar Aug 05 '22 13:08 codecov-commenter

Be aware of this: https://github.com/sse-secure-systems/connaisseur/pull/969#discussion_r1159669738

phbelitz avatar Apr 13 '23 08:04 phbelitz