From 60cf6b8e767d5795a863830b0bdd1907f93067d4 Mon Sep 17 00:00:00 2001
From: dlorenc <dlorenc@google.com>
Date: Sun, 12 Sep 2021 09:57:51 -0500
Subject: [PATCH] Refactor verification output. (#632)

This will make it easier to customize for attestation output.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>
---
 cmd/cosign/cli/verify.go             | 10 +++++++---
 cmd/cosign/cli/verify_attestation.go |  3 ++-
 cmd/sget/cli/sget.go                 |  3 ++-
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/cmd/cosign/cli/verify.go b/cmd/cosign/cli/verify.go
index ec0ecd2992..931ef3ff0f 100644
--- a/cmd/cosign/cli/verify.go
+++ b/cmd/cosign/cli/verify.go
@@ -180,14 +180,14 @@ func (c *VerifyCommand) Exec(ctx context.Context, args []string) (err error) {
 			return err
 		}
 
-		PrintVerification(imageRef, verified, co, c.Output)
+		PrintVerificationHeader(imageRef, co)
+		PrintVerification(imageRef, verified, c.Output)
 	}
 
 	return nil
 }
 
-// PrintVerification logs details about the verification to stdout
-func PrintVerification(imgRef string, verified []cosign.SignedPayload, co *cosign.CheckOpts, output string) {
+func PrintVerificationHeader(imgRef string, co *cosign.CheckOpts) {
 	fmt.Fprintf(os.Stderr, "\nVerification for %s --\n", imgRef)
 	fmt.Fprintln(os.Stderr, "The following checks were performed on each of these signatures:")
 	if co.ClaimVerifier != nil {
@@ -206,6 +206,10 @@ func PrintVerification(imgRef string, verified []cosign.SignedPayload, co *cosig
 		fmt.Fprintln(os.Stderr, "  - The signatures were verified against the specified public key")
 	}
 	fmt.Fprintln(os.Stderr, "  - Any certificates were verified against the Fulcio roots.")
+}
+
+// PrintVerification logs details about the verification to stdout
+func PrintVerification(imgRef string, verified []cosign.SignedPayload, output string) {
 
 	switch output {
 	case "text":
diff --git a/cmd/cosign/cli/verify_attestation.go b/cmd/cosign/cli/verify_attestation.go
index 04a0fa0b95..ab85183d97 100644
--- a/cmd/cosign/cli/verify_attestation.go
+++ b/cmd/cosign/cli/verify_attestation.go
@@ -170,8 +170,9 @@ func (c *VerifyAttestationCommand) Exec(ctx context.Context, args []string) (err
 			return err
 		}
 
+		PrintVerificationHeader(imageRef, co)
 		// The attestations are always JSON, so use the raw "text" mode for outputting them instead of conversion
-		PrintVerification(imageRef, verified, co, "text")
+		PrintVerification(imageRef, verified, "text")
 	}
 
 	return nil
diff --git a/cmd/sget/cli/sget.go b/cmd/sget/cli/sget.go
index df5eec7af8..6d1af190e7 100644
--- a/cmd/sget/cli/sget.go
+++ b/cmd/sget/cli/sget.go
@@ -68,7 +68,8 @@ func SgetCmd(ctx context.Context, imageRef, keyRef string) (io.ReadCloser, error
 		if err != nil {
 			return nil, err
 		}
-		cli.PrintVerification(imageRef, sp, co, "text")
+		cli.PrintVerificationHeader(imageRef, co)
+		cli.PrintVerification(imageRef, sp, "text")
 	}
 
 	img, err := remote.Image(ref, co.RegistryClientOpts...)