Allow for rule severity overrides; add default ignore tags #481
Chainguard Enforce / Enforce - Commit Signing
succeeded
Oct 3, 2024 in 1s
Successfully verified commit signature.
| CLAIM | DESCRIPTION | |
|---|---|---|
| ✅ | Found Git signature | |
| ✅ | Validated Git signature | |
| ✅ | Validated Rekor entry | |
| ✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198628258508662113089651683403013903383837642441 (0x22cacc9579fc1cee3d09cc6dfb7da73e991d8ec9)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Oct 3 12:16:03 2024 UTC
Not After : Oct 3 12:26:03 2024 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
fb:ca:e3:0f:31:02:4e:f9:7d:96:72:72:49:62:0c:
00:5c:5d:73:49:7e:a5:5e:d6:68:5c:f9:c4:7f:e6:
e1:9f
Y:
34:6d:24:04:83:5c:c2:6d:51:ed:08:94:47:2a:24:
ac:19:3d:dd:66:0b:84:d0:34:04:6b:b2:b2:66:f0:
4c:51
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
AF:24:E6:7C:E7:BF:E5:5D:EC:B6:48:51:51:BD:1A:05:D0:0F:CF:5A
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:[email protected]
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHoAeAB2AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABklJPBK4AAAQDAEcwRQIhAOQSXTvHyHsKhjxpQFCyAWpXMwmH195wjk9WHGCdoseLAiAsOD6VuOHy+FHIsdkacwTNGGTSTtAPFCE0rX6Q3eRf7A==
Signature Algorithm: ECDSA-SHA384
30:66:02:31:00:8f:be:20:90:25:72:7e:f7:0b:16:ae:2e:cc:
6e:98:9c:5a:0f:78:ee:7d:1a:89:88:30:1c:60:b0:49:60:0a:
d7:c0:98:66:30:82:cb:55:12:e0:96:96:5a:86:ae:ce:f3:02:
31:00:9b:14:83:0a:73:1a:f5:16:26:5d:3c:08:73:56:1f:ea:
c6:fd:c3:ed:cb:c0:40:2b:62:f9:e6:68:12:79:79:77:f9:11:
ec:4e:5c:14:ee:26:47:c7:1a:b6:17:ca:1f:53
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIzY2IxMWRkMThiYzNkOTQ4ZGUzMDA5NmE3OTRkOWQ4Yzk4Y2RmZWUzYzMzMjVjMzVmMWE4YTNhM2JiZDdlNDVhIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FWUNJUUM5RUVwVStIWEZKcE9PZldHais3OWU4TzY1SjFTcSthc1NITzJKczFyS1VRSWhBS082VDVZa3ZYOW9DdklQaXVJOHA1dzVKUWFHd2g5REE5SitYdDRBcWhCTCIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhSRU5EUVd4dFowRjNTVUpCWjBsVlNYTnlUV3hZYmpoSVR6UTVRMk40ZENzek1tNVFjR3RrYW5OcmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJlRTFFUVhwTlZFbDRUbXBCZWxkb1kwNU5hbEY0VFVSQmVrMVVTWGxPYWtGNlYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVVyT0hKcVJIcEZRMVIyYkRsc2JrcDVVMWRKVFVGR2VHUmpNR3dyY0ZZM1YyRkdlalVLZUVndmJUUmFPREJpVTFGRlp6RjZRMkpXU0hSRFNsSklTMmxUYzBkVU0yUmFaM1ZGTUVSUlJXRTNTM2xhZGtKTlZXRlBRMEZZWjNkblowWXdUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZ5ZVZSdENtWlBaUzgxVmpOemRHdG9VbFZpTUdGQ1pFRlFlakZ2ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB0QldVUldVakJTUVZGSUwwSkNOSGRJU1VWaFdsaGFhR0pwTlc1aFYwcHpXbGhLUVZreWFHaGhWelZ1WkZkR2VWcEROV3RhV0ZsM1MxRlpTd3BMZDFsQ1FrRkhSSFo2UVVKQlVWRmlZVWhTTUdOSVRUWk1lVGxvV1RKT2RtUlhOVEJqZVRWdVlqSTVibUpIVlhWWk1qbDBUVU56UjBOcGMwZEJVVkZDQ21jM09IZEJVV2RGU0ZGM1ltRklVakJqU0UwMlRIazVhRmt5VG5aa1Z6VXdZM2sxYm1JeU9XNWlSMVYxV1RJNWRFMUpSMHRDWjI5eVFtZEZSVUZrV2pVS1FXZFJRMEpJZDBWbFowSTBRVWhaUVROVU1IZGhjMkpJUlZSS2FrZFNOR050VjJNelFYRktTMWh5YW1WUVN6TXZhRFJ3ZVdkRE9IQTNielJCUVVGSFV3cFZhemhGY21kQlFVSkJUVUZTZWtKR1FXbEZRVFZDU21SUE9HWkpaWGR4UjFCSGJFRlZURWxDWVd4amVrTlpabGd6YmtOUFZERlpZMWxLTW1sNE5ITkRDa2xEZHpSUWNGYzBOR1pNTkZWamFYZ3lVbkI2UWswd1dWcE9Tazh3UVRoVlNWUlRkR1p3UkdRMVJpOXpUVUZ2UjBORGNVZFRUVFE1UWtGTlJFRXlhMEVLVFVkWlEwMVJRMUIyYVVOUlNsaEtLemwzYzFkeWFUZE5ZbkJwWTFkbk9UUTNiakJoYVZsbmQwaEhRM2RUVjBGTE1UaERXVnBxUTBONU1WVlRORXBoVndwWGIyRjFlblpOUTAxUlEySkdTVTFMWTNoeU1VWnBXbVJRUVdoNlZtZ3ZjWGgyTTBRM1kzWkJVVU4wYVN0bFdtOUZibXcxWkM5clVqZEZOV05HVHpSdENsSTRZMkYwYUdaTFNERk5QUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In19fX0=",
"integratedTime": 1727957763,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 136469871,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 1193050959916656506\n14566100\n1/jyhoROkAkmxrHJLLWaQ58NhvJx69jNrljEg8DuPPc=\n\n— rekor.sigstore.dev wNI9ajBFAiAUOVA7k9oRvU7jGMcwGDZkW1D/rBsBoTedC34h0uShLwIhANbiZ2OONSj/ja312SLM5Jpjh+3sdLv9Cl9pbc6vSmux\n",
"hashes": [
"bc3e55a67624ac28ab445858f882e30e86c146cd37ad712ab83f481a5164e654",
"a53c83db553dcf86b166b269717810a03cfb3eebae08be32c361777a83da6328",
"81d53d3c4b06534dca6528b7cc435731b0db441673c89ee0c8c16f01a506640e",
"317e17974873b7822cd07f84a8bc03dfbe46f5835f4e881226cd70397e029849",
"9ee7a7f988e4e1829b5191ac62a06a4f0f01b95ec80cd8035a088e60b557ab09",
"1e8afaded94567c15d89961ba029f273ad90d927c5aa98a1b0f2f2793cf2142d",
"bda5a4e62584243c9a977cbdbae7de9a3619d91dc66fd68c1e4275c79089ae3f",
"e01fab8b69458b930f0de007e6de25e69080e25fa8efeb35c0d27f7aa42e6657",
"9563aaae4194949bed9be8bbecb87a3be450d8eaf3824c85a7c88ccdd920a05f",
"0f85d7d8a20d97dde351b58a0757a9efa93f3d1fbce994f7715a338a6f9b5819",
"f115b68d9bc6004d1bcab41800043160965509357dc3f065de9ef7d99b311dcc",
"3e096d560760e6690be6d67acfdaac11573f83dacb9447cac79d2e4a4dc167a4",
"87d6fe09251965ba5dec6d74256dc65abd5d9b74632c550072d0c52df5e653b0",
"f79076187661618a6d54c8400dfcea2b0b8c6095c9eae50ae4e2148f808e59a3",
"ec4910e5cdfe2cfa26691de3b486ac5f2ed70a3fdbcd6256e91e478bdd1c8137",
"50e20a44dacee1263cbd058f33d5eccd8077ed27ae3bc5b333c4ff2991be9f00",
"9bc8e601d7371c40caaafbc82a61a1aa88a502fa81c5986c92d5e65e1e7c5a20"
],
"logIndex": 14565609,
"rootHash": "d7f8f286844e900926c6b1c92cb59a439f0d86f271ebd8cdae58c483c0ee3cf7",
"treeSize": 14566100
},
"signedEntryTimestamp": "MEUCIQC84wFGaYywlTBRcRxTcjhLLLedv1TprqQg25O2X4o3GgIgLZXtnbhirn9/Zfu+DKasi7uF6ZjeKPy9zsWS7Ma5ZVI="
}
}
Loading