From c7799bf3d6045839368aa63dd1c1d9d7574244ef Mon Sep 17 00:00:00 2001 From: Jason Hall Date: Wed, 11 May 2022 15:45:31 -0400 Subject: [PATCH] Use sigstore methods throughout codebase Signed-off-by: Jason Hall --- cmd/cosign/cli/fulcio/fulcio.go | 2 +- cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go | 2 +- cmd/cosign/cli/initialize/init.go | 2 +- cmd/cosign/cli/options/initialize.go | 2 +- cmd/cosign/cli/policy_init.go | 2 +- cmd/cosign/cli/sign/sign_test.go | 2 +- cmd/cosign/cli/verify/verify_blob.go | 2 +- pkg/cosign/kubernetes/webhook/validation.go | 2 +- pkg/cosign/tlog.go | 2 +- pkg/cosign/verify.go | 2 +- pkg/cosign/verify_test.go | 8 ++++---- 11 files changed, 14 insertions(+), 14 deletions(-) diff --git a/cmd/cosign/cli/fulcio/fulcio.go b/cmd/cosign/cli/fulcio/fulcio.go index 689789cc2fe5..700a95fda153 100644 --- a/cmd/cosign/cli/fulcio/fulcio.go +++ b/cmd/cosign/cli/fulcio/fulcio.go @@ -29,11 +29,11 @@ import ( "github.com/pkg/errors" "golang.org/x/term" - "github.com/sigstore/cosign/cmd/cosign/cli/fulcio/fulcioroots" "github.com/sigstore/cosign/cmd/cosign/cli/options" "github.com/sigstore/cosign/pkg/cosign" "github.com/sigstore/cosign/pkg/providers" "github.com/sigstore/fulcio/pkg/api" + "github.com/sigstore/sigstore/pkg/fulcioroots" "github.com/sigstore/sigstore/pkg/oauthflow" "github.com/sigstore/sigstore/pkg/signature" ) diff --git a/cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go b/cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go index c2af470cc219..a2bde78934d5 100644 --- a/cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go +++ b/cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go @@ -30,8 +30,8 @@ import ( "github.com/pkg/errors" "github.com/sigstore/cosign/cmd/cosign/cli/fulcio/fulcioverifier/ctutil" - "github.com/sigstore/cosign/pkg/cosign/tuf" "github.com/sigstore/sigstore/pkg/cryptoutils" + "github.com/sigstore/sigstore/pkg/tuf" ) // This is the CT log public key target name diff --git a/cmd/cosign/cli/initialize/init.go b/cmd/cosign/cli/initialize/init.go index d9a4d1e6247b..4445d3f8b7f4 100644 --- a/cmd/cosign/cli/initialize/init.go +++ b/cmd/cosign/cli/initialize/init.go @@ -22,7 +22,7 @@ import ( "fmt" "github.com/sigstore/cosign/pkg/blob" - "github.com/sigstore/cosign/pkg/cosign/tuf" + "github.com/sigstore/sigstore/pkg/tuf" ) func DoInitialize(ctx context.Context, root, mirror string) error { diff --git a/cmd/cosign/cli/options/initialize.go b/cmd/cosign/cli/options/initialize.go index 6c2aa744b54b..33f8099eaeea 100644 --- a/cmd/cosign/cli/options/initialize.go +++ b/cmd/cosign/cli/options/initialize.go @@ -16,7 +16,7 @@ package options import ( - "github.com/sigstore/cosign/pkg/cosign/tuf" + "github.com/sigstore/sigstore/pkg/tuf" "github.com/spf13/cobra" ) diff --git a/cmd/cosign/cli/policy_init.go b/cmd/cosign/cli/policy_init.go index 89e100c36d05..5be6471dd3fa 100644 --- a/cmd/cosign/cli/policy_init.go +++ b/cmd/cosign/cli/policy_init.go @@ -40,10 +40,10 @@ import ( "github.com/sigstore/cosign/pkg/cosign" cremote "github.com/sigstore/cosign/pkg/cosign/remote" - "github.com/sigstore/cosign/pkg/cosign/tuf" "github.com/sigstore/cosign/pkg/sget" sigs "github.com/sigstore/cosign/pkg/signature" signatureoptions "github.com/sigstore/sigstore/pkg/signature/options" + "github.com/sigstore/sigstore/pkg/tuf" "github.com/spf13/cobra" ) diff --git a/cmd/cosign/cli/sign/sign_test.go b/cmd/cosign/cli/sign/sign_test.go index bc0eabcf8a84..70bb0a63b125 100644 --- a/cmd/cosign/cli/sign/sign_test.go +++ b/cmd/cosign/cli/sign/sign_test.go @@ -29,8 +29,8 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/generate" "github.com/sigstore/cosign/cmd/cosign/cli/options" "github.com/sigstore/cosign/pkg/cosign" - "github.com/sigstore/cosign/test" "github.com/sigstore/sigstore/pkg/cryptoutils" + "github.com/sigstore/sigstore/test" "github.com/theupdateframework/go-tuf/encrypted" ) diff --git a/cmd/cosign/cli/verify/verify_blob.go b/cmd/cosign/cli/verify/verify_blob.go index 77bef0e92e1f..05c4f0e54f94 100644 --- a/cmd/cosign/cli/verify/verify_blob.go +++ b/cmd/cosign/cli/verify/verify_blob.go @@ -39,8 +39,8 @@ import ( "github.com/sigstore/cosign/pkg/cosign" "github.com/sigstore/cosign/pkg/cosign/pivkey" "github.com/sigstore/cosign/pkg/cosign/pkcs11key" - "github.com/sigstore/cosign/pkg/cosign/tuf" sigs "github.com/sigstore/cosign/pkg/signature" + "github.com/sigstore/sigstore/pkg/tuf" ctypes "github.com/sigstore/cosign/pkg/types" "github.com/sigstore/rekor/pkg/generated/client" diff --git a/pkg/cosign/kubernetes/webhook/validation.go b/pkg/cosign/kubernetes/webhook/validation.go index 278cc5439fcb..c57d2b39edbc 100644 --- a/pkg/cosign/kubernetes/webhook/validation.go +++ b/pkg/cosign/kubernetes/webhook/validation.go @@ -27,12 +27,12 @@ import ( "knative.dev/pkg/apis" "knative.dev/pkg/logging" - "github.com/sigstore/cosign/cmd/cosign/cli/fulcio/fulcioroots" v1alpha1 "github.com/sigstore/cosign/pkg/apis/cosigned/v1alpha1" "github.com/sigstore/cosign/pkg/cosign" "github.com/sigstore/cosign/pkg/oci" ociremote "github.com/sigstore/cosign/pkg/oci/remote" "github.com/sigstore/rekor/pkg/generated/client" + "github.com/sigstore/sigstore/pkg/fulcioroots" "github.com/sigstore/sigstore/pkg/signature" ) diff --git a/pkg/cosign/tlog.go b/pkg/cosign/tlog.go index 21970b280e89..b6cd2fffe3c8 100644 --- a/pkg/cosign/tlog.go +++ b/pkg/cosign/tlog.go @@ -33,8 +33,8 @@ import ( "github.com/google/trillian/merkle/rfc6962" "github.com/pkg/errors" "github.com/sigstore/cosign/pkg/cosign/bundle" - "github.com/sigstore/cosign/pkg/cosign/tuf" "github.com/sigstore/rekor/pkg/generated/client/index" + "github.com/sigstore/sigstore/pkg/tuf" "github.com/sigstore/rekor/pkg/generated/client" "github.com/sigstore/rekor/pkg/generated/client/entries" diff --git a/pkg/cosign/verify.go b/pkg/cosign/verify.go index e3b63413dde0..267649565812 100644 --- a/pkg/cosign/verify.go +++ b/pkg/cosign/verify.go @@ -33,7 +33,7 @@ import ( "github.com/sigstore/cosign/cmd/cosign/cli/fulcio/fulcioverifier/ctl" cbundle "github.com/sigstore/cosign/pkg/cosign/bundle" - "github.com/sigstore/cosign/pkg/cosign/tuf" + "github.com/sigstore/sigstore/pkg/tuf" "github.com/sigstore/cosign/pkg/blob" "github.com/sigstore/cosign/pkg/oci/static" diff --git a/pkg/cosign/verify_test.go b/pkg/cosign/verify_test.go index c8c2f7d54641..2d43d4bd36d0 100644 --- a/pkg/cosign/verify_test.go +++ b/pkg/cosign/verify_test.go @@ -42,15 +42,15 @@ import ( "github.com/secure-systems-lab/go-securesystemslib/dsse" "github.com/sigstore/cosign/internal/pkg/cosign/rekor/mock" "github.com/sigstore/cosign/pkg/cosign/bundle" - ctuf "github.com/sigstore/cosign/pkg/cosign/tuf" "github.com/sigstore/cosign/pkg/oci/static" "github.com/sigstore/cosign/pkg/types" - "github.com/sigstore/cosign/test" "github.com/sigstore/rekor/pkg/generated/client" rtypes "github.com/sigstore/rekor/pkg/types" "github.com/sigstore/sigstore/pkg/cryptoutils" "github.com/sigstore/sigstore/pkg/signature" "github.com/sigstore/sigstore/pkg/signature/options" + "github.com/sigstore/sigstore/pkg/tuf" + "github.com/sigstore/sigstore/test" "github.com/stretchr/testify/require" ) @@ -225,11 +225,11 @@ func TestVerifyImageSignatureWithNoChain(t *testing.T) { if err != nil { t.Fatalf("creating signer: %v", err) } - testSigstoreRoot := ctuf.TestSigstoreRoot{ + testSigstoreRoot := tuf.TestSigstoreRoot{ Rekor: sv, FulcioCertificate: rootCert, } - _, _ = ctuf.NewSigstoreTufRepo(t, testSigstoreRoot) + _, _ = tuf.NewSigstoreTufRepo(t, testSigstoreRoot) leafCert, privKey, _ := test.GenerateLeafCert("subject", "oidc-issuer", rootCert, rootKey) pemLeaf := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: leafCert.Raw})