Bundle signing using TSA #5
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
Signed-off-by: Alexis <[email protected]>
DarkaMaul
commented
Nov 8, 2024
| @@ -58,6 +58,18 @@ jobs: | |||
| - name: test | |||
| run: make test TEST_ARGS="-vv --showlocals" | |||
|
|
|||
| - name: test (timestamp-authority) | |||
There was a problem hiding this comment.
FLAG: This tests the new Timestamping Functionalities by downloading sigstore/timestamp-authority.
This could either use an external (and reliable) TSA or be more aggressively cached.
DarkaMaul
commented
Nov 8, 2024
| pass | ||
|
|
||
|
|
||
| class TimestampAuthorityClient: |
There was a problem hiding this comment.
FLAG: I'm not fond of the name here, but I couldn't come up with a better one.
DarkaMaul
commented
Nov 8, 2024
sigstore/_internal/timestamping.py
Outdated
| msg = f"Invalid network: {error}" | ||
| raise TimestampError(msg) | ||
|
|
||
| # Check that we can parse the response but does not *verify* it |
There was a problem hiding this comment.
NOTE: We can't verify here because we may not have access to the TSA certificates.
|
The tests are expected to fail because it does not use (yet) the unreleased version of |
facutuesca
reviewed
Nov 8, 2024
Signed-off-by: Alexis <[email protected]>
Co-authored-by: Facundo Tuesca <[email protected]> Signed-off-by: dm <[email protected]>
Signed-off-by: Alexis <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For the internal review round
Based on the verification branch to ease the review.