Skip to content

Commit 6cad4e5

Browse files
anithapriyanatarajananithapriyanatarajan
authored
fix: upgrade cosign 2.6.0 to 2.6.2 (#1537)
Signed-off-by: Anitha Natarajan <anataraj@redhat.com>
1 parent 2548d11 commit 6cad4e5

File tree

1,595 files changed

+63048
-156657
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,595 files changed

+63048
-156657
lines changed

.github/workflows/lint.yaml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,20 +27,22 @@ jobs:
2727
go-version: "1.23"
2828

2929
- uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7
30+
with:
31+
fetch-depth: 0
3032

3133
- name: golangci-lint
3234
uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0
3335
with:
3436
# Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
3537
version: latest
36-
38+
args: --new-from-merge-base=origin/${{ github.base_ref }} --timeout=10m
3739
# Optional: working directory, useful for monorepos
3840
# working-directory: somedir
3941

4042
# Optional: golangci-lint command line arguments.
4143

4244
# Optional: show only new issues if it's a pull request. The default value is `false`.
43-
only-new-issues: true
45+
# only-new-issues: true
4446

4547
# Optional: if set to true then the all caching functionality will be complete disabled,
4648
# takes precedence over all other caching options.

go.mod

Lines changed: 110 additions & 116 deletions
Large diffs are not rendered by default.

go.sum

Lines changed: 240 additions & 1065 deletions
Large diffs are not rendered by default.

pkg/artifacts/signable.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -326,7 +326,7 @@ func isValidArtifactOutput(res objects.Result) (bool, error) {
326326
return false, fmt.Errorf("%s should have digest field: %v", res.Name, res.Value.ObjectVal)
327327
}
328328
if _, _, err := ParseDigest(res.Value.ObjectVal["digest"]); err != nil {
329-
return false, fmt.Errorf("error getting digest %s: %v", res.Value.ObjectVal["digest"], err)
329+
return false, fmt.Errorf("error getting digest %s: %w", res.Value.ObjectVal["digest"], err)
330330
}
331331
return true, nil
332332
}

pkg/chains/formats/slsa/attest/attest.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -127,7 +127,7 @@ func SPDXGit(url, revision string) string {
127127
url = artifacts.GitSchemePrefix + url
128128
}
129129
if !strings.HasSuffix(url, ".git") {
130-
url = url + ".git"
130+
url += ".git"
131131
}
132132
if revision == "" {
133133
return url

pkg/chains/formats/slsa/internal/material/material.go

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ import (
2727
"github.com/tektoncd/chains/pkg/chains/formats/slsa/internal/artifact"
2828
"github.com/tektoncd/chains/pkg/chains/formats/slsa/internal/slsaconfig"
2929
"github.com/tektoncd/chains/pkg/chains/objects"
30+
v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
3031
"knative.dev/pkg/logging"
3132
)
3233

@@ -70,7 +71,9 @@ func PipelineMaterials(ctx context.Context, pro *objects.PipelineRunObjectV1, sl
7071
}
7172
pSpec := pro.Status.PipelineSpec
7273
if pSpec != nil {
73-
pipelineTasks := append(pSpec.Tasks, pSpec.Finally...)
74+
pipelineTasks := make([]v1.PipelineTask, 0, len(pSpec.Tasks)+len(pSpec.Finally))
75+
pipelineTasks = append(pipelineTasks, pSpec.Tasks...)
76+
pipelineTasks = append(pipelineTasks, pSpec.Finally...)
7477
for _, t := range pipelineTasks {
7578
taskRuns := pro.GetTaskRunsFromTask(t.Name)
7679
if len(taskRuns) == 0 {
@@ -255,7 +258,9 @@ func FromPipelineParamsAndResults(ctx context.Context, pro *objects.PipelineRunO
255258
// search type hinting param/results from each individual taskruns
256259
if slsaconfig.DeepInspectionEnabled {
257260
logger := logging.FromContext(ctx)
258-
pipelineTasks := append(pSpec.Tasks, pSpec.Finally...)
261+
pipelineTasks := make([]v1.PipelineTask, 0, len(pSpec.Tasks)+len(pSpec.Finally))
262+
pipelineTasks = append(pipelineTasks, pSpec.Tasks...)
263+
pipelineTasks = append(pipelineTasks, pSpec.Finally...)
259264
for _, t := range pipelineTasks {
260265
taskRuns := pro.GetTaskRunsFromTask(t.Name)
261266
if len(taskRuns) == 0 {

pkg/chains/formats/slsa/v1/intotoite6_test.go

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -558,10 +558,8 @@ func TestCreatePayloadError(t *testing.T) {
558558
}
559559
if err == nil {
560560
t.Errorf("Expected error")
561-
} else {
562-
if err.Error() != "intoto does not support type: not a task ref" {
563-
t.Errorf("wrong error returned: '%s'", err.Error())
564-
}
561+
} else if err.Error() != "intoto does not support type: not a task ref" {
562+
t.Errorf("wrong error returned: '%s'", err.Error())
565563
}
566564
})
567565

pkg/chains/formats/slsa/v1/pipelinerun/pipelinerun.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,9 @@ func buildConfig(ctx context.Context, pro *objects.PipelineRunObjectV1) BuildCon
101101
if pSpec == nil {
102102
return BuildConfig{}
103103
}
104-
pipelineTasks := append(pSpec.Tasks, pSpec.Finally...)
104+
pipelineTasks := make([]v1.PipelineTask, 0, len(pSpec.Tasks)+len(pSpec.Finally))
105+
pipelineTasks = append(pipelineTasks, pSpec.Tasks...)
106+
pipelineTasks = append(pipelineTasks, pSpec.Finally...)
105107

106108
var last string
107109
for i, t := range pipelineTasks {

pkg/chains/objects/objects_test.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -178,15 +178,15 @@ func TestPipelineRun_GetResults(t *testing.T) {
178178
pr := NewPipelineRunObjectV1(getPipelineRun())
179179
got := pr.GetResults()
180180
assert.ElementsMatch(t, got, []Result{
181-
Result{
181+
{
182182
Name: "img1_input_ARTIFACT_INPUTS",
183183
Value: *v1.NewObject(map[string]string{
184184
"uri": "gcr.io/foo/bar",
185185
"digest": "sha256:05f95b26ed10668b7183c1e2da98610e91372fa9f510046d4ce5812addad86b7",
186186
}),
187187
},
188-
Result{Name: "mvn1_ARTIFACT_URI", Value: *v1.NewStructuredValues("projects/test-project/locations/us-west4/repositories/test-repo/mavenArtifacts/com.google.guava:guava:31.0-jre")},
189-
Result{Name: "mvn1_ARTIFACT_DIGEST", Value: *v1.NewStructuredValues("sha256:05f95b26ed10668b7183c1e2da98610e91372fa9f510046d4ce5812addad86b5")},
188+
{Name: "mvn1_ARTIFACT_URI", Value: *v1.NewStructuredValues("projects/test-project/locations/us-west4/repositories/test-repo/mavenArtifacts/com.google.guava:guava:31.0-jre")},
189+
{Name: "mvn1_ARTIFACT_DIGEST", Value: *v1.NewStructuredValues("sha256:05f95b26ed10668b7183c1e2da98610e91372fa9f510046d4ce5812addad86b5")},
190190
})
191191
})
192192

pkg/chains/signing/x509/x509_test.go

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -54,12 +54,14 @@ MC4CAQAwBQYDK2VwBCIEIGQn0bJwshjwuVdnd/FylMk3Gvb89aGgH49bQpgzCY0n
5454
// python3 -c "import jwt; import time; private_key = open('/tmp/private.pem').read(); payload = {'iat': int(time.time()), 'exp': int(time.time()) + 3600 * 24 * 365 * 10, 'iss': 'user123'}; print(jwt.encode(payload, private_key, algorithm='RS256'))"
5555
const token = `eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3NjIzMTIzOTQsImV4cCI6MjA3NzY3MjM5NCwiaXNzIjoidXNlcjEyMyJ9.Adm27mf955gZA2pcWLqF4LLrqzFbXYsdYNg1sScF9MbyeuE-4eVpqV91Rk-iRwwIrtKuOVkEDdulrAqeuIhMxGB7jNXWXxf6sVEHV57_QgB0KR_z-JVxEbTZBu6nIVBwDxmVFGQFVMtZbqsyX8J4F_jp0pSInFPqYQbS9xAGhvOnni_owp325Siev2Z-kWsnTTFOTi0C9g9BApPxXQEE17COYdXjxsBCJQQttb1Ww7IQLCf59wU5ZpNM7npzxvKuOBT1kmHPp1ZDCNxfA_a6JMIB4NQAzYV0ULRbXNftxwglFoyitWge-SyxohnTVfV1gplE8qi6kR2CQJORBMvx6w`
5656

57+
const testTrueValue = "true"
58+
5759
func TestCreateSignerFulcioEnabledDefaultTokenFileMissing(t *testing.T) {
5860
ctx := logtesting.TestContextWithLogger(t)
5961
d := t.TempDir()
6062

6163
data := make(map[string]string)
62-
data["signers.x509.fulcio.enabled"] = "true"
64+
data["signers.x509.fulcio.enabled"] = testTrueValue
6365
cfg, err := config.NewConfigFromMap(data)
6466
if err != nil {
6567
t.Fatal(err)
@@ -88,7 +90,7 @@ func TestCreateSignerFulcioEnabled(t *testing.T) {
8890
}
8991

9092
data := make(map[string]string)
91-
data["signers.x509.fulcio.enabled"] = "true"
93+
data["signers.x509.fulcio.enabled"] = testTrueValue
9294
data["signers.x509.identity.token.file"] = tk
9395
cfg, err := config.NewConfigFromMap(data)
9496
if err != nil {
@@ -123,7 +125,7 @@ func TestCreateSignerFulcioEnabledFilesystemProvider(t *testing.T) {
123125
}
124126

125127
data := make(map[string]string)
126-
data["signers.x509.fulcio.enabled"] = "true"
128+
data["signers.x509.fulcio.enabled"] = testTrueValue
127129
data["signers.x509.identity.token.file"] = tk
128130
data["signers.x509.fulcio.provider"] = "filesystem"
129131
cfg, err := config.NewConfigFromMap(data)

0 commit comments

Comments
 (0)