Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add fix-bundle plumbing command #1089

Merged
merged 13 commits into from
Aug 19, 2024
Merged

add fix-bundle plumbing command #1089

merged 13 commits into from
Aug 19, 2024

Conversation

woodruffw
Copy link
Member

@woodruffw woodruffw commented Aug 8, 2024
edited
Loading

WIP; needs documentation and feedback.

This command enables users to fix older bundles
that were malformed by older versions of sigstore-python.

This changeset also includes a new integration test hierarchy, with a starter test for the new fix-bundle command based on a publicly observed malformed bundle.

CC @sethmlarson

Closes #1088.

See python/cpython#122785.

@woodruffw
add fix-bundle plumbing command
4565429 
This command enables users to fix older bundles
that were malformed by older versions of sigstore-python.

This changeset also includes a new integration test
hierarchy, with a starter test for the new `fix-bundle`
command based on a publicly observed malformed bundle.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw added component:cli CLI components component:verification Core verification functionality component:api Public APIs labels Aug 8, 2024
@woodruffw woodruffw self-assigned this Aug 8, 2024
@woodruffw
fix gitignore
23a0f46 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
more missing files
099dd28 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
fix more ignored test files
4085c80 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw mentioned this pull request Aug 8, 2024
Closed
@woodruffw
ci: disable intergration tests in offline tests
4fb59d8 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
Makefile: fix gen-x509-testcases path
5c20b78 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
gitattributes: CRLF insanity
d4a6866 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
update --help
c818b76 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
add --upgrade-version integration test
7a9e45d 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
CHANGELOG: record changes
c6f4903 
Signed-off-by: William Woodruff <[email protected]>
@haydentherapper
Copy link
Contributor

Just to cross reference, we were thinking about building a similar capability in sigstore/cosign#3794, to upgrade a bundle.

@woodruffw woodruffw requested review from di and jku August 9, 2024 16:48
@sethmlarson
Copy link
Contributor

Confirming that I was able to get Sigstore CLI to verify all existing CPython Sigstore bundles if this process is run on them.

@sethmlarson sethmlarson mentioned this pull request Aug 9, 2024
Closed
@woodruffw woodruffw enabled auto-merge (squash) August 19, 2024 14:52
@woodruffw woodruffw merged commit a966b3e into main Aug 19, 2024
24 checks passed
@woodruffw woodruffw deleted the ww/sigstore-plumbing branch August 19, 2024 14:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@di di di approved these changes

@jku jku Awaiting requested review from jku

Assignees

@woodruffw woodruffw

Labels
component:api Public APIs component:cli CLI components component:verification Core verification functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Some 0.1 bundles fail to verify
4 participants
@woodruffw @haydentherapper @sethmlarson @di