Enhance artifact pull and push commands #112
Merged
Chainguard Enforce / Enforce - Commit Signing
succeeded
Jun 21, 2024 in 0s
Successfully verified commit signature.
| CLAIM | DESCRIPTION | |
|---|---|---|
| ✅ | Found Git signature | |
| ✅ | Validated Git signature | |
| ✅ | Validated Rekor entry | |
| ✅ | Allowed by policy |
Details
Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12298853828623684835247911734339598049117263614 (0x2277feafe2acbad00ee90e3b6c88c459724d6fe)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Jun 21 05:03:42 2024 UTC
Not After : Jun 21 05:13:42 2024 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
e3:f9:50:a2:7a:6b:38:0c:33:bc:d4:cf:53:2e:7d:
8a:f8:2f:95:ce:5f:2b:5e:e9:76:99:0d:1d:85:39:
b2:bb
Y:
45:f5:1b:12:7e:6b:4c:50:ce:a2:e4:8a:0a:3f:bb:
1a:0f:e6:15:08:da:9d:96:e0:f8:1d:b9:93:6d:db:
5c:2c
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
91:54:3E:87:2B:9A:9A:BB:C3:9A:DC:9E:D3:9F:DE:90:80:5C:01:F5
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:ksantosh@intelops.dev
oidcIssuer:
https://github.com/login/oauth
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHoAeAB2AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABkDkt0WAAAAQDAEcwRQIgGet+8f450irpOdJZ6YQb3d7ADE8j4IhXfnnl8ijKX/QCIQDBWHsO8h4752ltHzUAu5TX9fYumUXe5MmaeW8SdXrCrw==
Signature Algorithm: ECDSA-SHA384
30:65:02:31:00:88:bc:1e:41:4a:17:06:bc:c9:63:99:e5:ea:
f6:e9:17:76:f7:ea:f4:7f:b0:6b:64:9c:d0:c8:7f:23:35:25:
19:d3:e4:5a:dd:27:d1:76:d8:9a:60:29:d9:5a:c0:b5:af:02:
30:7b:49:81:5c:cb:13:9e:eb:d4:61:5a:b4:24:bc:5f:32:d1:
17:ee:fa:9c:8a:27:33:ba:9d:dc:f5:e7:58:ef:04:a9:df:58:
24:0c:9a:d4:f5:df:94:5e:3c:0e:8f:c2:c5
Rekor Entry
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIxMTJkNjFhY2UwZDRkMzBiYWNlYWU4MTc2NWFlZTc1NTI1OThkYmM4OTEyZDk0NDgyZDIyZjc5YzNhYjE5YjE4In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUUNWK2dycUxkOU5NMUg4UlRBVXd5ck5pbjNmV1NmNnpwNFlmTW0yK2xKdjl3SWdFSzcxNmlPbE5HUHVoRjdxZm00Q1RoaDZVL2VYc1BaclRMM1c3cWRFT0NFPSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXhSRU5EUVd4eFowRjNTVUpCWjBsVlFXbGtMeloyTkhGNU5qQkJOM0JFYW5SemFVMVNXbU5yTVhZMGQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFJkMDVxU1hoTlJGVjNUWHBSZVZkb1kwNU5hbEYzVG1wSmVFMUVWWGhOZWxGNVYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVUwTDJ4UmIyNXdjazlCZDNwMlRsUlFWWGsxT1dsMlozWnNZelZtU3pFM2NHUndhMDRLU0ZsVk5YTnlkRVk1VW5OVFptMTBUVlZOTm1rMVNXOUxVRGR6WVVRcldWWkRUbkZrYkhWRU5FaGliVlJpWkhSalRFdFBRMEZZYTNkblowWXhUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZyVmxFckNtaDVkV0Z0Y25aRWJYUjVaVEExTDJWclNVSmpRV1pWZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBsM1dVUldVakJTUVZGSUwwSkNhM2RHTkVWV1lUTk9hR0p1VW5aak1taEJZVmMxTUZwWGVIWmpTRTExV2tkV01rMURkMGREYVhOSFFWRlJRZ3BuTnpoM1FWRkZSVWh0YURCa1NFSjZUMms0ZGxveWJEQmhTRlpwVEcxT2RtSlRPWE5pTW1Sd1ltazVkbGxZVmpCaFJFRjFRbWR2Y2tKblJVVkJXVTh2Q2sxQlJVbENRMEZOU0cxb01HUklRbnBQYVRoMldqSnNNR0ZJVm1sTWJVNTJZbE01YzJJeVpIQmlhVGwyV1ZoV01HRkVRMEpwWjFsTFMzZFpRa0pCU0ZjS1pWRkpSVUZuVWpoQ1NHOUJaVUZDTWtGT01EbE5SM0pIZUhoRmVWbDRhMlZJU214dVRuZExhVk5zTmpRemFubDBMelJsUzJOdlFYWkxaVFpQUVVGQlFncHJSR3QwTUZkQlFVRkJVVVJCUldOM1VsRkpaMGRsZENzNFpqUTFNR2x5Y0U5a1NsbzJXVkZpTTJRM1FVUkZPR28wU1doWVptNXViRGhwYWt0WUwxRkRDa2xSUkVKWFNITlBPR2cwTnpVeWJIUkllbFZCZFRWVVdEbG1XWFZ0VlZobE5VMXRZV1ZYT0ZOa1dISkRjbnBCUzBKblozRm9hMnBQVUZGUlJFRjNUbThLUVVSQ2JFRnFSVUZwVEhkbFVWVnZXRUp5ZWtwWk5XNXNOblppY0VZellqTTJkbEl2YzBkMGEyNU9SRWxtZVUweFNsSnVWRFZHY21SS09VWXlNa3B3WndwTFpHeGhkMHhYZGtGcVFqZFRXVVpqZVhoUFpUWTVVbWhYY2xGcmRrWTRlVEJTWm5VcmNIbExTbnBQTm01a2VqRTFNV3AyUWt0dVpsZERVVTF0ZEZReENqTTFVbVZRUVRaUWQzTlZQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In19fX0=",
"integratedTime": 1718946253,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 104848592,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 2605736670972794746\n100686475\nQA0Pb+ZG2ecwwnrrp6sjXdtCo5TBr3mA1flDKkGgGIs=\n\n— rekor.sigstore.dev wNI9ajBEAiAWcrV17XSJQlGt99AfuwbGKlxDY4ol98zBW5EtqMJdAQIgA+I1Zm2CPP8GV4WyDo9CdF15xmHprwpX2Gsg4SKWqP4=\n",
"hashes": [
"02f1e34669f8aa27fd7291131195f5c63bc76f1cb822455af2899e900f6cdf38",
"b925030993c359b43ac03ea452177ce80428a6f96fc70510264c539d1019f6a1",
"34d7e2c61baa2bbea74a0b448bb6f6b2d32fb8d08b8bb7577a8812a4615a0b62",
"938f56712f73cd4068b6153d68553b1020f17d892b1cdc72edee6e58b72d1e65",
"4c022211661f0e67868c14916db765ca80344932fa2d79da4f1927795ec233f8",
"176ca971f9f97318b561d9204468cafdf9134b1f1c7b030731f8d188325b0e63",
"9c4a9fe2bcb71d970de3f7f651bb99768719206b0ae66a5c5d53ca8395c54a50",
"02c6bf72fc460f06064b6386033b26cebdd58e7e53f1d685882f1c6d6b31aa65",
"5b28902a2ab84eed98807a9f8781af36952ba59cb603170051e792297722b6e4",
"40cbffc81974a6e3b35cc3924c34ad8a0f6c906b21d3520a4d6df75d9bf4cffd",
"e34479fcd17abfaa181b2e486285c14a34cf5da8dec74e82b43736f22c482de7",
"048448b56addf52df8c296c4e7dc969d8f51be3c7b8a688d8be48e7353f080bb",
"9e08cef7dbad4a646bc6eaab3a04bd6408ac777faec2347261c16ed08e1a98b3",
"facbe763c5305681ea93fa6e7b7d2fb6a484db4f32f83c96eb473f6591e030b7",
"6ba90b9f03789cf95da96ab83a83ba333db9650c754da2cc17421b31231576e4",
"f7c7a7ccc682fb1e6808cbc8650039cfcbeed9aa4330216f13ff77e4d7ee3f0f"
],
"logIndex": 100685161,
"rootHash": "400d0f6fe646d9e730c27aeba7ab235ddb42a394c1af7980d5f9432a41a0188b",
"treeSize": 100686475
},
"signedEntryTimestamp": "MEUCIBwFv6amRmCszbvl2LcWHY2436dd0cEDT1AXvQ3PjYJiAiEAs6NCUGdpYgcXGnxQyxbA9aIpK99JHlgwTLGga8TWM+8="
}
}
Loading