github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-05-07 00:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update name of argument (#35)

Browse Source
This commit is contained in:
laurentsimon
2022-04-25 02:26:40 -07:00
committed by GitHub
parent a53fa7eba4
commit bb7debf054
2 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -21,8 +21,8 @@ Below is a list of options currently supported. Note that signature verification
$ git clone git@github.com:slsa-framework/slsa-verifier.git
$ go run . --help
Usage of ./slsa-verifier:
-binary string
path to a binary to verify
-artifact-path string
path to an artifact to verify
-branch string
expected branch the binary was compiled from (default "main")
-provenance string
@@ -38,7 +38,7 @@ $ go run . --help
### Example
```bash
$ go run . --binary ~/Downloads/binary-linux-amd64 --provenance ~/Downloads/binary-linux-amd64.intoto.jsonl --source github.com/origin/repo
$ go run . --artifact-path ~/Downloads/binary-linux-amd64 --provenance ~/Downloads/binary-linux-amd64.intoto.jsonl --source github.com/origin/repo
Verified against tlog entry 1544571
verified SLSA provenance produced at

12
main.go
View File

@@ -27,7 +27,7 @@ func check(e error) {
var (
provenancePath string
binaryPath string
artifactPath string
source string
branch string
tag string
@@ -108,14 +108,14 @@ func verify(ctx context.Context,
func main() {
flag.StringVar(&provenancePath, "provenance", "", "path to a provenance file")
flag.StringVar(&binaryPath, "binary", "", "path to a binary to verify")
flag.StringVar(&artifactPath, "artifact-path", "", "path to an artifact to verify")
flag.StringVar(&source, "source", "", "expected source repository that should have produced the binary, e.g. github.com/some/repo")
flag.StringVar(&branch, "branch", "main", "expected branch the binary was compiled from")
flag.StringVar(&tag, "tag", "", "[optional] expected tag the binary was compiled from")
flag.StringVar(&versiontag, "versioned-tag", "", "[optional] expected version the binary was compiled from. Uses semantic version to match the tag")
flag.Parse()
if provenancePath == "" || binaryPath == "" || source == "" {
if provenancePath == "" || artifactPath == "" || source == "" {
flag.Usage()
os.Exit(1)
}
@@ -134,7 +134,7 @@ func main() {
os.Exit(1)
}
if err := runVerify(binaryPath, provenancePath, source, branch,
if err := runVerify(artifactPath, provenancePath, source, branch,
ptag, pversiontag); err != nil {
log.Fatal(err)
}
@@ -152,10 +152,10 @@ func isFlagPassed(name string) bool {
return found
}
func runVerify(binaryPath, provenancePath, source, branch string,
func runVerify(artifactPath, provenancePath, source, branch string,
ptag, pversiontag *string,
) error {
f, err := os.Open(binaryPath)
f, err := os.Open(artifactPath)
if err != nil {
log.Fatal(err)
}