From e3fa12e02af82525b0d21d9f0a5e4e066ced88ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?= Date: Tue, 20 Sep 2022 22:04:29 +0300 Subject: [PATCH] feat: use stdin as an input for predicate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Batuhan Apaydın --- cmd/cosign/cli/attest/attest.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/cmd/cosign/cli/attest/attest.go b/cmd/cosign/cli/attest/attest.go index 6ff9242bb01..708594958cb 100644 --- a/cmd/cosign/cli/attest/attest.go +++ b/cmd/cosign/cli/attest/attest.go @@ -21,6 +21,7 @@ import ( _ "crypto/sha256" // for `crypto.SHA256` "encoding/json" "fmt" + "io" "os" "time" @@ -64,7 +65,7 @@ func uploadToTlog(ctx context.Context, sv *sign.SignerVerifier, rekorURL string, return cbundle.EntryToBundle(entry), nil } -//nolint +// nolint func AttestCmd(ctx context.Context, ko options.KeyOpts, regOpts options.RegistryOptions, imageRef string, certPath string, certChainPath string, noUpload bool, predicatePath string, force bool, predicateType string, replace bool, timeout time.Duration, noTlogUpload bool) error { // A key file or token is required unless we're in experimental mode! @@ -116,12 +117,18 @@ func AttestCmd(ctx context.Context, ko options.KeyOpts, regOpts options.Registry wrapped := dsse.WrapSigner(sv, types.IntotoPayloadType) dd := cremote.NewDupeDetector(sv) - fmt.Fprintln(os.Stderr, "Using payload from:", predicatePath) - predicate, err := os.Open(predicatePath) - if err != nil { - return err + var predicate io.ReadCloser + if predicatePath == "-" { + fmt.Fprintln(os.Stderr, "Using payload from: standard input") + predicate = os.Stdin + } else { + fmt.Fprintln(os.Stderr, "Using payload from:", predicatePath) + predicate, err = os.Open(predicatePath) + if err != nil { + return err + } + defer predicate.Close() } - defer predicate.Close() sh, err := attestation.GenerateStatement(attestation.GenerateOpts{ Predicate: predicate,