Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

move verify-dockerfile to dockerfile verify #662

Merged
merged 2 commits into from
Sep 14, 2021
Merged

move verify-dockerfile to dockerfile verify #662

merged 2 commits into from
Sep 14, 2021

Conversation

dekkagaijin
Copy link
Member

@dekkagaijin dekkagaijin commented Sep 14, 2021
edited
Loading

BREAKING

This command group lets us begin splitting up image discovery from image signature creation/verification. Another subcommand I'm imagining is:

  • dockerfile resolve-images which resolves FROM image:tags to FROM image@sha256:digest and either outputs the list of image digests (e.g. for something like cosign dockerfile resolve-images $FILE | xargs cosign verify) or outputs a re-written file (to STDOUT or in-place).

@dekkagaijin
Copy link
Member Author

/cc @mattmoor

move verify-dockerfile to dockerfile verify
0905767 
Signed-off-by: Jake Sanders <jsand@google.com>
@dekkagaijin dekkagaijin mentioned this pull request Sep 14, 2021
Closed
@dekkagaijin
Copy link
Member Author

/cc @developer-guy

@dekkagaijin
Copy link
Member Author

I'm thinking that my concerns about maintainability we'd be taking on by adding new commands and functionality for image discovery would be at least partially ameliorated by formally separating functionality out into different commands. This lets us avoid a situation where we have to support a cross-product of functionality for both a) processing dockerfiles and b) signing/verifying images under a single surface

mattmoor
mattmoor reviewed Sep 14, 2021
View reviewed changes
cmd/cosign/cli/dockerfile/cmdgroup.go Outdated
return &ffcli.Command{
Name: "dockerfile",
ShortUsage: "cosign dockerfile",
ShortHelp: "Provides utilities for attaching artifacts to other artifacts in a registry",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sounds wrong

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

cmd/cosign/cli/dockerfile/cmdgroup.go
// See the License for the specific language governing permissions and
// limitations under the License.

package dockerfile
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for putting this into its own package 🤩 cli is getting crowded

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, been splitting subcommand groups into their own folders

fix docstring
1e03291 
Signed-off-by: Jake Sanders <jsand@google.com>
@priyawadhwa priyawadhwa merged commit 1b1cafc into sigstore:main Sep 14, 2021
@dekkagaijin dekkagaijin deleted the dockerfile branch September 14, 2021 20:56
@cpanato cpanato added this to the v1.2.0 milestone Sep 15, 2021
@dekkagaijin dekkagaijin mentioned this pull request Sep 17, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@priyawadhwa priyawadhwa priyawadhwa approved these changes

@mattmoor mattmoor mattmoor approved these changes

@dlorenc dlorenc Awaiting requested review from dlorenc

@developer-guy developer-guy Awaiting requested review from developer-guy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.2.0
Development

Successfully merging this pull request may close these issues.
4 participants
@dekkagaijin @mattmoor @priyawadhwa @cpanato