github/hauler
1
0
Fork 0
mirror of https://github.com/hauler-dev/hauler.git synced 2026-02-14 09:59:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix tlog verification error/warning output (#428)

Browse Source 
* fix tlog verification error/warning output
* extend error msg to avoid ambiguity
This commit is contained in:
Adam Toy
2025-04-04 17:51:26 -04:00
committed by GitHub
parent 5021f3ab6b
commit f9a188259f
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/cosign/cosign.go
View File

@@ -3,6 +3,10 @@ package cosign
import (
"context"
"fmt"
"os"
"strings"
"time"
"github.com/sigstore/cosign/v2/cmd/cosign/cli"
"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
"github.com/sigstore/cosign/v2/cmd/cosign/cli/verify"
@@ -12,8 +16,6 @@ import (
"hauler.dev/go/hauler/pkg/log"
"hauler.dev/go/hauler/pkg/store"
"oras.land/oras-go/pkg/content"
"os"
"time"
)
// VerifyFileSignature verifies the digital signature of a file using Sigstore/Cosign.
@@ -143,9 +145,17 @@ func RetryOperation(ctx context.Context, rso *flags.StoreRootOpts, ro *flags.Cli
}
if ro.IgnoreErrors {
l.Warnf("warning (attempt %d/%d)... %v", attempt, rso.Retries, err)
if strings.HasPrefix(err.Error(), "function execution failed: no matching signatures: rekor client not provided for online verification") {
l.Warnf("warning (attempt %d/%d)... failed tlog verification", attempt, rso.Retries)
} else {
l.Warnf("warning (attempt %d/%d)... %v", attempt, rso.Retries, err)
}
} else {
l.Errorf("error (attempt %d/%d)... %v", attempt, rso.Retries, err)
if strings.HasPrefix(err.Error(), "function execution failed: no matching signatures: rekor client not provided for online verification") {
l.Errorf("error (attempt %d/%d)... failed tlog verification", attempt, rso.Retries)
} else {
l.Errorf("error (attempt %d/%d)... %v", attempt, rso.Retries, err)
}
}
// If this is not the last attempt, wait before retrying