Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add trusted-root create helper command #3876

Merged
merged 11 commits into from
Oct 29, 2024
Merged

Add trusted-root create helper command #3876

merged 11 commits into from
Oct 29, 2024

Commits on Sep 11, 2024

  1. Fixes sigstore#3700: add trusted-root create helper command 

    To help cosign users move from providing disparate verification material
to a single file that contains the needed verification material.

This makes it easier for users to rotate key material and specify what
time period different keys were valid.

Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 11, 2024
    Configuration menu
    Copy the full SHA
    2552371 View commit details
    Browse the repository at this point in the history

  2. Linter fixes and docgen 

    Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 11, 2024
    Configuration menu
    Copy the full SHA
    ea1c77f View commit details
    Browse the repository at this point in the history

  3. Fix Windows unit test 

    Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 11, 2024
    Configuration menu
    Copy the full SHA
    a53ec25 View commit details
    Browse the repository at this point in the history

Commits on Sep 12, 2024

  1. Output via stdout instead of stderr 

    Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 12, 2024
    Configuration menu
    Copy the full SHA
    e0041bb View commit details
    Browse the repository at this point in the history

  2. Add ctlogs to cosign trusted-root create 

    With `--ignore-sct` to support if you are using keys instead of Fulcio.

Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 12, 2024
    Configuration menu
    Copy the full SHA
    06284e2 View commit details
    Browse the repository at this point in the history

  3. Replace --rekor-url with --ignore-tlog 

    Similar to `--ignore-sct`

Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 12, 2024
    Configuration menu
    Copy the full SHA
    b3262d7 View commit details
    Browse the repository at this point in the history

Commits on Sep 26, 2024

  1. Just use paths to files on disk 

    Instead of clients querying remote servers

Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Sep 26, 2024
    Configuration menu
    Copy the full SHA
    cab9148 View commit details
    Browse the repository at this point in the history

Commits on Oct 8, 2024

  1. Add the ability to supply multiple verification material 

    Also add ability to specify validity start time for keys

Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Oct 8, 2024
    Configuration menu
    Copy the full SHA
    f705836 View commit details
    Browse the repository at this point in the history

Commits on Oct 17, 2024

  1. Don't panic if there's unexpected content in PEM file 

    Update tests, also fix documentation for flags that were removed.

Co-authored-by: Dmitry S <dsavints@gmail.com>
Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza @dmitris
    steiza and dmitris committed Oct 17, 2024
    Configuration menu
    Copy the full SHA
    b8d58d7 View commit details
    Browse the repository at this point in the history

  2. remove trailing newline 

    Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Oct 17, 2024
    Configuration menu
    Copy the full SHA
    1e7a436 View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2024

  1. Simplify imports 

    Signed-off-by: Zach Steindler <steiza@github.com>
    @steiza
    steiza committed Oct 18, 2024
    Configuration menu
    Copy the full SHA
    1bd2b08 View commit details
    Browse the repository at this point in the history