Closed
Description
Description
Verify-attestation's help says that type can use an URI, but I got the error when I passed an URI.
--type string specify a predicate type (slsaprovenance|link|spdx|spdxjson|cyclonedx|vuln|custom) or an URI (default "custom")
$ COSIGN_EXPERIMENTAL=1 cosign verify-attestation --type "https://example.com/TestResult/v1" otms61/test-custom-attest
Error: converting to consumable policy validation: invalid predicate type: https://example.com/TestResult/v1
main.go:62: error during command execution: converting to consumable policy validation: invalid predicate type: https://example.com/TestResult/v1The default value(custom) for type is set after v1.10.1. We cannot leave the type unspecified as in the past.
So if we specify an URI when creating an attestation, we cannot verify it.
$ cat test-result.json
{"passed": true}
$ COSIGN_EXPERIMENTAL=1 cosign attest --type "https://example.com/TestResult/v1" --predicate test-result.json otms61/test-custom-attestSpecifying a URI and unspecified also failed.
$ COSIGN_EXPERIMENTAL=1 cosign verify-attestation --type "https://example.com/TestResult/v1" otms61/test-custom-attest
Error: converting to consumable policy validation: invalid predicate type: https://example.com/TestResult/v1
main.go:62: error during command execution: converting to consumable policy validation: invalid predicate type: https://example.com/TestResult/v1
$ COSIGN_EXPERIMENTAL=1 cosign verify-attestation otms61/test-custom-attest
Error: none of the attestations matched the predicate type: custom
main.go:62: error during command execution: none of the attestations matched the predicate type: custom
Expectation
verify-attestation's type option can parse an URI.
Version
GitVersion: v1.10.1
GitCommit: a39ce91fadc582e0efce3321744a79ccd3c8b39c
GitTreeState: clean
BuildDate: 2022-08-04T16:59:14Z
GoVersion: go1.18.5
Compiler: gc
Platform: darwin/amd64
Activity