Skip to content

VSA POC #2497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

VSA POC #2497

wants to merge 4 commits into from

Conversation

joejstuart
Copy link
Member

@joejstuart joejstuart commented Apr 30, 2025
edited
Loading

Checks if VSA exists before validation. If a VSA exists, it will display the results stored in it as the report.

If a VSA does not exist, runs validation, then generates and stores a VSA in Rekor.

This accepts a new argument --attestor-key which is a private key to sign the VSA

ec validate image \
  --image quay.io/redhat-user-workloads/rhtap-contract-tenant/golden-container/golden-container@sha256:ad333bfa53d18c684821c85bfa8693e771c336f0ba1a286b3a6ec37dd95a232e \
  --policy github.com/joejstuart/ec-config//slsa3-failed?ref=volatile-test \
  --public-key pub.key \
  --ignore-rekor \
  --output "text?show-successes=false" \
  --output appstudio \
  --show-successes \
  --info \
  --attestor-key cosign.key

@joejstuart joejstuart marked this pull request as draft April 30, 2025 18:53
@joejstuart joejstuart force-pushed the VSA-POC branch 2 times, most recently from 844b3fd to 6330bf1 Compare April 30, 2025 19:26
joejstuart added 4 commits May 6, 2025 12:12
@joejstuart
VSA POC
65d026b 
Checks if VSA exists before validation
If a VSA exists, it will display the results
stored in it as the report.

If a VSA does not exists, runs validation, then
generates and stores a VSA in Rekor.
@joejstuart
set to nil
75f4ef4
@joejstuart
update
1eeda3a
@joejstuart
proper unmarshaling
ee87a87
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@joejstuart