diff --git a/cmd/syft/cli/attest/attest.go b/cmd/syft/cli/attest/attest.go index 26f7fed1156..6758edb2867 100644 --- a/cmd/syft/cli/attest/attest.go +++ b/cmd/syft/cli/attest/attest.go @@ -70,7 +70,14 @@ func Run(ctx context.Context, app *config.Application, ko sigopts.KeyOpts, args return err } - format := syft.FormatByName(app.Outputs[0]) + output := parseAttestationOutput(app.Outputs) + + format := syft.FormatByName(output) + + // user typo or unknown outputs provided + if format == nil { + format = syft.FormatByID(syftjson.ID) // default attestation format + } predicateType := formatPredicateType(format) if predicateType == "" { return fmt.Errorf( @@ -109,6 +116,14 @@ func Run(ctx context.Context, app *config.Application, ko sigopts.KeyOpts, args ) } +func parseAttestationOutput(outputs []string) (format string) { + if len(outputs) == 0 { + outputs = append(outputs, string(syftjson.ID)) + } + + return outputs[0] +} + func parseImageSource(userInput string, app *config.Application) (s *source.Input, err error) { si, err := source.ParseInput(userInput, app.Platform, false) if err != nil { diff --git a/test/cli/attest_cmd_test.go b/test/cli/attest_cmd_test.go index 43a1d040450..ef264c7aa08 100644 --- a/test/cli/attest_cmd_test.go +++ b/test/cli/attest_cmd_test.go @@ -40,6 +40,14 @@ func TestAttestCmd(t *testing.T) { }, pw: "", }, + { + name: "can encode syft.json as the predicate given a user format typo", + args: []string{"attest", "-o", "spdx-jsonx", "--key", "cosign.key", img}, + assertions: []traitAssertion{ + assertSuccessfulReturnCode, + }, + pw: "", + }, } for _, test := range tests {