feat: make branch optional #192

Merged: 13 commits, Aug 9, 2022

@laurentsimon commented Aug 5, 2022

If a release is made from a commit (rather than a branch):

```shell
./slsa-verifier-linux-amd64 \
  -provenance artifacts.intoto.jsonl \
  -artifact-path secure_package_template-0.2.0-py3-none-any.whl \
  -tag 0.1.9 \
  -source github.com/sethmlarson/python-slsa-release-test
```

```
FAILED: SLSA verification failed: invalid DSSE envelope payload: environment type string
```

This PR changes the behavior to:

```
FAILED: SLSA verification failed: expected branch 'refs/heads/main', got '': branch used to generate the binary does not match provenance
exit status 2
```

This PR also makes the branch an optional argument to the CLI.
We need to add support for commit, see #180 (comment)

@laurentsimon changed the title from "feat: handle build from a commit" to "feat: make branch optional" on Aug 9, 2022
@laurentsimon enabled auto-merge (squash) on August 9, 2022 21:23
@laurentsimon disabled auto-merge on August 9, 2022 21:23
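
The optional branch check described in this PR, sketched as an added Go example (not slsa-verifier's own code): `VerifyBranch`, `branchFromRef` and the sample refs are assumptions made for illustration. A nil expectation skips the check, while a supplied one must match exactly, so a ref that records no branch reproduces the mismatch error quoted in the description.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrMismatchBranch carries the error text quoted in the PR description.
var ErrMismatchBranch = errors.New("branch used to generate the binary does not match provenance")

// branchFromRef returns the ref when it names a branch ("refs/heads/<name>")
// and "" otherwise, e.g. for a tag ref where no branch is recorded.
// Hypothetical helper; the real provenance parsing is not shown on the page.
func branchFromRef(ref string) string {
	if strings.HasPrefix(ref, "refs/heads/") {
		return ref
	}
	return ""
}

// VerifyBranch checks the branch only when the caller asked for it.
// expected == nil means "flag not supplied", which is different from a
// supplied empty string: the latter is rejected rather than treated as a
// wildcard, so an empty value can never match an empty provenance branch.
func VerifyBranch(provenanceRef string, expected *string) error {
	if expected == nil {
		return nil // branch check not requested
	}
	want := "refs/heads/" + *expected
	got := branchFromRef(provenanceRef)
	if *expected == "" || got != want {
		return fmt.Errorf("expected branch '%s', got '%s': %w", want, got, ErrMismatchBranch)
	}
	return nil
}

func main() {
	branch := "main"
	// Constructed sample refs, not taken from real provenance.
	fmt.Println(VerifyBranch("refs/tags/0.1.9", nil))     // check skipped
	fmt.Println(VerifyBranch("refs/tags/0.1.9", &branch)) // mismatch, got ''
	fmt.Println(VerifyBranch("refs/heads/main", &branch)) // match
}
```

When the branch is omitted, the other checks the caller passes (such as `-source` and `-tag` in the command above) are the only constraints left on where the artifact came from.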