Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CLI: Verification should support complex policies via a policy file input #629

Open
woodruffw opened this issue Apr 24, 2023 · 2 comments
Open

CLI: Verification should support complex policies via a policy file input #629

woodruffw opened this issue Apr 24, 2023 · 2 comments
Labels
blocked component:cli CLI components enhancement New feature or request

Comments

@woodruffw
Copy link
Member

This issue has a few blockers, including coordination with the broader Sigstore community on a machine-readable policy format.

Key components:

  • The sigstore verify subcommands should take a --policy <FILE> or similar option, which would read in the policy file to use during verification.
  • ...or there would be a separate sigstore verify policy subcommand, since sigstore verify identity and sigstore verify github already imply basic policies.

CC @di for visibility.
@woodruffw woodruffw added enhancement New feature or request component:cli CLI components blocked labels Apr 24, 2023
@haydentherapper
Copy link
Contributor

Would it be worthwhile creating a verification policy in protobuf-specs? We can start relatively barebones, something like:

@haydentherapper
Copy link
Contributor

cc @jku

@znewman01 znewman01 mentioned this issue Jul 12, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked component:cli CLI components enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@woodruffw @haydentherapper