Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor fulcio signer to take in KeyOpts (take 2) #1818

Merged
merged 2 commits into from Apr 30, 2022
Merged

Refactor fulcio signer to take in KeyOpts (take 2) #1818

merged 2 commits into from Apr 30, 2022

Conversation

wlynch
Copy link
Member

@wlynch wlynch commented Apr 29, 2022
edited

Summary

This is a roll-forward of #1788 with the provider fix (goimports accidentally removed
pkg/providers/all which removed the OIDC providers in the first commit) to fix
the e2e tests.

This commit should not have change in behavior. It changes the fulcio signer
to take in the KeyOpts struct instead of passing individual parameters through,
as well as moves common code dependent on the values to the same place.

The motivation behind this change is to make it easier to add new options without
needing to plumb through another param to the already long list.

To avoid circular dependencies (sign -> fulcio -> sign), KeyOpts was moved to the
options package.

Ticket Link

Part of #1785 (wanted to make this change first to make adding the option easier)

Release Note

NONE

@wlynch
Refactor fulcio signer to take in KeyOpts.
0d0e5b6 
This commit should not have change in behavior. It changes the fulcio signer
to take in the KeyOpts struct instead of passing individual parameters through,
as well as moves common code dependent on the values to the same place.

The motivation behind this change is to make it easier to add new options without
needing to plumb through another param to the already long list.

To avoid circular dependencies (sign -> fulcio -> sign), KeyOpts was moved to the
options package.

Signed-off-by: Billy Lynch <billy@chainguard.dev>
@wlynch
Re-add OIDC providers to sign command.
75f0496 
Signed-off-by: Billy Lynch <billy@chainguard.dev>
@codecov-commenter
Copy link

codecov-commenter commented Apr 29, 2022
edited

Codecov Report

Merging #1818 (75f0496) into main (afaf0a3) will increase coverage by 1.38%.
The diff coverage is 3.44%.

@@            Coverage Diff             @@
##             main    #1818      +/-   ##
==========================================
+ Coverage   31.46%   32.84%   +1.38%     
==========================================
  Files         144      147       +3     
  Lines        8893     9349     +456     
==========================================
+ Hits         2798     3071     +273     
- Misses       5758     5922     +164     
- Partials      337      356      +19
Impacted Files Coverage Δ
cmd/cosign/cli/attest.go 0.00% <0.00%> (ø)
cmd/cosign/cli/policy_init.go 1.40% <0.00%> (ø)
cmd/cosign/cli/sign.go 0.00% <0.00%> (ø)
cmd/cosign/cli/sign/sign.go 14.69% <0.00%> (+0.33%) ⬆️
cmd/cosign/cli/sign/sign_blob.go 0.00% <0.00%> (ø)
cmd/cosign/cli/signblob.go 0.00% <0.00%> (ø)
cmd/cosign/cli/verify.go 0.00% <0.00%> (ø)
cmd/cosign/cli/verify/verify_blob.go 10.42% <0.00%> (ø)
cmd/cosign/cli/fulcio/fulcio.go 22.10% <7.14%> (-2.90%) ⬇️
pkg/cosign/kubernetes/webhook/validation.go 74.00% <0.00%> (-6.77%) ⬇️
... and 16 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update afaf0a3...75f0496. Read the comment docs.

@dlorenc
Copy link
Member

dlorenc commented Apr 30, 2022

Nice fix!

@dlorenc dlorenc merged commit d2d7464 into sigstore:main Apr 30, 2022
@github-actions github-actions bot added this to the v1.9.0 milestone Apr 30, 2022
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@wlynch @mlieberman85
Refactor fulcio signer to take in KeyOpts (take 2) (sigstore#1818)
53141c2 
* Refactor fulcio signer to take in KeyOpts.

This commit should not have change in behavior. It changes the fulcio signer
to take in the KeyOpts struct instead of passing individual parameters through,
as well as moves common code dependent on the values to the same place.

The motivation behind this change is to make it easier to add new options without
needing to plumb through another param to the already long list.

To avoid circular dependencies (sign -> fulcio -> sign), KeyOpts was moved to the
options package.

Signed-off-by: Billy Lynch <billy@chainguard.dev>

* Re-add OIDC providers to sign command.

Signed-off-by: Billy Lynch <billy@chainguard.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.9.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@wlynch @codecov-commenter @dlorenc