Use DefaultWorkspaceDir from container instead of hardcoding /home/build #1728
+4
−2
Chainguard Enforce / Enforce - Commit Signing
succeeded
Jan 3, 2025 in 1s
Successfully verified commit signature.
CLAIM | DESCRIPTION | |
---|---|---|
✅ | Found Git signature | |
✅ | Validated Git signature | |
✅ | Validated Rekor entry | |
✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 460756072186638308615430859245737387232537218564 (0x50b5044fe7f95ac691187ea5a2f2ca7ff4de0e04)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Jan 3 18:48:31 2025 UTC
Not After : Jan 3 18:58:31 2025 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
04:e6:77:8a:8c:0b:64:8a:08:27:b4:10:5f:cc:84:
a2:14:e5:e1:e2:6e:0c:86:df:fb:50:8f:bc:bb:34:
73:74
Y:
c8:38:85:3c:0c:38:91:6f:9a:28:54:2b:5a:17:af:
b3:8f:96:9e:22:f2:6e:1b:8e:46:89:3b:1a:0d:61:
38:db
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
E4:31:D7:62:55:A4:47:B7:28:DC:79:43:21:CC:EF:F3:1D:65:7C:0D
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:[email protected]
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHsAeQB3AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABlC1/Z2MAAAQDAEgwRgIhAJ1io4tdShSxEVmnxGs6cdS98xCPQuavl4RPCUN2BSBHAiEAkDGPrvIuzrwAJiT0lbXDOPmLTrq0oau9TELmGd5Kzpk=
Signature Algorithm: ECDSA-SHA384
30:65:02:30:2a:3d:5b:17:60:f8:d9:fe:fd:e5:36:c7:9c:f5:
30:e3:ef:f8:dc:b8:77:08:d2:05:fe:4c:e7:b7:9a:ca:da:13:
c5:e4:fb:40:6a:38:07:29:25:3e:1f:35:5c:e8:86:c6:02:31:
00:c9:3d:6f:61:0e:e9:f5:b0:60:4b:22:01:ac:a2:ac:dc:77:
5c:d3:9a:28:19:54:5f:4c:0d:d6:4c:e9:c7:36:18:52:14:4b:
61:1e:69:8c:3b:57:14:33:42:36:24:c1:d5
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJjYTRjYzQ1YzE3Y2EyYmM1ZjVlM2NiYjc2OGIzYTcxYzg4Zjc0YWU3NDRjMWY0YmZiYjk4ZTIwYWU2ZWI3YjU1In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJQmpwbFEwak5JUjVFLzlPS3NYNnR5QTc0REFMWENjVWpvUEl2TE5tMldzUUFpQUdPWDI1aHlpN3JDcFpMZ1FUa3JqMTYzRUx2Z3RHUHJzMmMwNnZ2RzNSR3c9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhWRU5EUVd4MVowRjNTVUpCWjBsVlZVeFZSVlFyWmpWWGMyRlNSMGcyYkc5MlRFdG1MMVJsUkdkUmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDFVUVhwTlZHY3dUMFJOZUZkb1kwNU5hbFYzVFZSQmVrMVVaekZQUkUxNFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZDVDFvemFXOTNURnBKYjBsS04xRlJXRGg1Ulc5b1ZHdzBaVXAxUkVsaVppc3hRMUFLZGt4ek1HTXpWRWxQU1ZVNFJFUnBVbUkxYjI5V1EzUmhSallyZW1vMVlXVkpka3AxUnpRMVIybFVjMkZFVjBVME1qWlBRMEZZYjNkblowWXlUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlUxUkVoWUNsbHNWMnRTTjJOdk0waHNSRWxqZW5ZNGVERnNaa0V3ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB0UldVUldVakJTUVZGSUwwSkNPSGRJV1VWaVdrZEdkV0pwTlcxamJVWTJZVmRXZVZGSFRtOVpWMngxV2pOV2FHTnRVWFZhUjFZeVRVTnJSd3BEYVhOSFFWRlJRbWMzT0hkQlVVVkZSekpvTUdSSVFucFBhVGgyV1ZkT2FtSXpWblZrU0UxMVdqSTVkbG95ZUd4TWJVNTJZbFJCY2tKbmIzSkNaMFZGQ2tGWlR5OU5RVVZKUWtJd1RVY3lhREJrU0VKNlQyazRkbGxYVG1waU0xWjFaRWhOZFZveU9YWmFNbmhzVEcxT2RtSlVRMEpwZDFsTFMzZFpRa0pCU0ZjS1pWRkpSVUZuVWpsQ1NITkJaVkZDTTBGT01EbE5SM0pIZUhoRmVWbDRhMlZJU214dVRuZExhVk5zTmpRemFubDBMelJsUzJOdlFYWkxaVFpQUVVGQlFncHNRekV2V2pKTlFVRkJVVVJCUldkM1VtZEphRUZLTVdsdk5IUmtVMmhUZUVWV2JXNTRSM00yWTJSVE9UaDRRMUJSZFdGMmJEUlNVRU5WVGpKQ1UwSklDa0ZwUlVGclJFZFFjblpKZFhweWQwRkthVlF3YkdKWVJFOVFiVXhVY25Fd2IyRjFPVlJGVEcxSFpEVkxlbkJyZDBObldVbExiMXBKZW1vd1JVRjNUVVFLWVVGQmQxcFJTWGRMYWpGaVJqSkVOREptTnprMVZHSklibEJWZHpRckx6UXpUR2d6UTA1SlJpOXJlbTUwTlhKTE1taFFSalZRZEVGaGFtZElTMU5WS3dwSWVsWmpOa2xpUjBGcVJVRjVWREYyV1ZFM2NEbGlRbWRUZVVsQ2NrdExjek5JWkdNd05XOXZSMVpTWmxSQk0xZFVUMjVJVG1ob1UwWkZkR2hJYlcxTkNrOHhZMVZOTUVreVNrMUlWZ290TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In19fX0=",
"integratedTime": 1735930112,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 159333716,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 1193050959916656506\n37429463\nk7EXrfwo5ny2yjHedoF+qzQKp23v6WJeIgLcdq8AYZo=\n\n— rekor.sigstore.dev wNI9ajBFAiBngurAZiXWOBUvq/nvqn5lsD3HuTT3jjBU2YqEK6twTgIhANqEcJ1pzfoMGtrE/NDTishsHXLVBDkFGdrNaM/hX86J\n",
"hashes": [
"f9867d6a7968c76f3dcd629e2ac952990916973f47f048cf37aab55f2b526252",
"870981e47347eeadd339c5e5b34b764a2eba66a04400325c5b4b45dc9991d4f2",
"8876cb09310d92edc58a9009d9c4e10ca7dd92f023952dc6add960a47db74846",
"f3ffa36f2c5afc64e45af18a779bbbe1c4f4fae9063bcb4779c218fec1b86575",
"8b32e966225770a384ecd233ffd6cdf43873353116e5bde2323568a3e834b8b1",
"6850f8db3fc4df6902cd87e04c00f3ebf8939e15221c284eeb8ade873f4de0e2",
"0d84f57fcbb9c36b5b282e3ce5fd1c491bf06060f976b372c83b70c6df86c326",
"ee0d4dfa6432ed0f6d066892af488811577c264d7eb875341fef672706bdc477",
"2d60509c283b79a73849283cb6a7894f7a9d24131bb527d7a3521a2225e6ea7d",
"499b7c8883c03e12099b3085e209a8a286a48b6a5a3138612bca6f1c61c20900",
"b48b6a56d26059636d045f96bd0724de109cea28d0239d2646fc6d59ee815f03",
"93718b01d6fb29bd4665f91b3f77bfdc3e8df3dd9466e98a6a565776744cb0af",
"b600b0c24a703d9e8d741f89861c6d37727f31d04a96e3edcd9b8a826e1e4568",
"bde9b268c8f435ad4b3236c1ffd0e692af13fa301bde8fb20844a001ac940015"
],
"logIndex": 37429454,
"rootHash": "93b117adfc28e67cb6ca31de76817eab340aa76defe9625e2202dc76af00619a",
"treeSize": 37429463
},
"signedEntryTimestamp": "MEUCIQDo68baigiCKey82Jg29el5zNisbZV/fzjebqcytxAe+wIgYe3GYj406zzVbMYbePfJjY07qSw1MPI0ZNpbZqfrfB0="
}
}
Loading