Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug] invalid suffix: "". Must be .intoto.jsonl when --signature is set to "" #614

Closed
ianlewis opened this issue Jul 22, 2022 · 0 comments · Fixed by #615
Closed

[bug] invalid suffix: "". Must be .intoto.jsonl when --signature is set to "" #614

ianlewis opened this issue Jul 22, 2022 · 0 comments · Fixed by #615
Assignees
@ianlewis
Labels
area:container Issue with the generic container generator type:bug Something isn't working
Milestone
Generic support f...

Comments

@ianlewis
Copy link
Member

The generic generator needs to support setting --signature="" to allow for outputting a SLSA predicate without generating a full provenance statement and signing it. This is so that we can generate the predicate and pass it to cosign attest in the container workflow.

I think this was caused by #545 adding some validation on the attestation file name.
@ianlewis ianlewis added type:bug Something isn't working area:container Issue with the generic container generator labels Jul 22, 2022
@ianlewis ianlewis added this to the GA for container generator milestone Jul 22, 2022
@ianlewis ianlewis self-assigned this Jul 22, 2022
This was referenced Jul 22, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ianlewis ianlewis

Labels
area:container Issue with the generic container generator type:bug Something isn't working
Projects
None yet
Milestone
Generic support for containers
Development

Successfully merging a pull request may close this issue.

Fix support for --signature="" ianlewis/slsa-github-generator
1 participant
@ianlewis