From e40bb8fb9aa68c3a10c8b04c42ba7ecaeae09863 Mon Sep 17 00:00:00 2001 From: Javan lacerda Date: Mon, 24 Jun 2024 13:43:39 +0000 Subject: [PATCH] omit subytype for json Signed-off-by: Javan lacerda --- config/fulcio-config.yaml | 47 +++++++++++++-------------------------- pkg/config/config.go | 2 +- 2 files changed, 16 insertions(+), 33 deletions(-) diff --git a/config/fulcio-config.yaml b/config/fulcio-config.yaml index 83a1b3d61..bf4528b7f 100644 --- a/config/fulcio-config.yaml +++ b/config/fulcio-config.yaml @@ -20,103 +20,86 @@ data: "https://accounts.google.com": { "IssuerURL": "https://accounts.google.com", "ClientID": "sigstore", - "Type": "email", - "SubType": "" + "Type": "email" }, "https://agent.buildkite.com": { "IssuerURL": "https://agent.buildkite.com", "ClientID": "sigstore", - "Type": "buildkite-job", - "SubType": "" + "Type": "buildkite-job" }, "https://allow.pub": { "IssuerURL": "https://allow.pub", "ClientID": "sigstore", "Type": "spiffe", - "SubType": "", "SPIFFETrustDomain": "allow.pub" }, "https://auth-staging.eclipse.org/realms/sigstore": { "IssuerURL": "https://auth-staging.eclipse.org/realms/sigstore", "ClientID": "sigstore", - "Type": "email", - "SubType": "" + "Type": "email" }, "https://auth.eclipse.org/auth/realms/sigstore": { "IssuerURL": "https://auth.eclipse.org/auth/realms/sigstore", "ClientID": "sigstore", - "Type": "email", - "SubType": "" + "Type": "email" }, "https://dev.gitlab.org": { "IssuerURL": "https://dev.gitlab.org", "ClientID": "sigstore", - "Type": "gitlab-pipeline", - "SubType": "" + "Type": "gitlab-pipeline" }, "https://gitlab.archlinux.org": { "IssuerURL": "https://gitlab.archlinux.org", "ClientID": "sigstore", - "Type": "gitlab-pipeline", - "SubType": "" + "Type": "gitlab-pipeline" }, "https://gitlab.com": { "IssuerURL": "https://gitlab.com", "ClientID": "sigstore", - "Type": "gitlab-pipeline", - "SubType": "" + "Type": "gitlab-pipeline" }, "https://oauth2.sigstore.dev/auth": { "IssuerURL": "https://oauth2.sigstore.dev/auth", "ClientID": "sigstore", "Type": "email", - "SubType": "", "IssuerClaim": "$.federated_claims.connector_id" }, "https://oidc.codefresh.io": { "IssuerURL": "https://oidc.codefresh.io", "ClientID": "sigstore", - "Type": "codefresh-workflow", - "SubType": "" + "Type": "codefresh-workflow" }, "https://ops.gitlab.net": { "IssuerURL": "https://ops.gitlab.net", "ClientID": "sigstore", - "Type": "gitlab-pipeline", - "SubType": "" + "Type": "gitlab-pipeline" }, "https://token.actions.githubusercontent.com": { "IssuerURL": "https://token.actions.githubusercontent.com", "ClientID": "sigstore", - "Type": "github-workflow", - "SubType": "" + "Type": "github-workflow" } }, "MetaIssuers": { "https://*.oic.prod-aks.azure.com/*": { "ClientID": "sigstore", - "Type": "kubernetes", - "SubType": "" + "Type": "kubernetes" }, "https://container.googleapis.com/v1/projects/*/locations/*/clusters/*": { "ClientID": "sigstore", - "Type": "kubernetes", - "SubType": "" + "Type": "kubernetes" }, "https://oidc.eks.*.amazonaws.com/id/*": { "ClientID": "sigstore", - "Type": "kubernetes", - "SubType": "" + "Type": "kubernetes" }, "https://oidc.prod-aks.azure.com/*": { "ClientID": "sigstore", - "Type": "kubernetes", - "SubType": "" + "Type": "kubernetes" }, "https://token.actions.githubusercontent.com/*": { "ClientID": "sigstore", - "Type": "github-workflow", - "SubType": "" + "Type": "github-workflow" } }, "IssuersMetadata": null diff --git a/pkg/config/config.go b/pkg/config/config.go index d112e4c1b..052147338 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -87,7 +87,7 @@ type OIDCIssuer struct { // certificate values are needed Type IssuerType `json:"Type" yaml:"type,omitempty"` // Issuers subtype - SubType string `json:"SubType" yaml:"sub-type,omitempty"` + SubType string `json:"SubType,omitempty" yaml:"sub-type,omitempty"` // Optional, if the issuer is in a different claim in the OIDC token IssuerClaim string `json:"IssuerClaim,omitempty" yaml:"issuer-claim,omitempty"` // The domain that must be present in the subject for 'uri' issuer types