Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: adding git remotes to subjects and normalising url #361

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

ChaosInTheCRD
Copy link
Collaborator

What this PR does / why we need it

Description

This PR adds the repository remotes to the subjects of the in-toto statement for more easy querying of understanding the identity of a repository. It also normalises the remote url, in an attempt to make it agnostic to the protocol used in that config to connect to the remote (e.g., http:// / ssh).

Signed-off-by: chaosinthecrd <tom@tmlabs.co.uk>
"github.com/in-toto/go-witness",
"github.com/in-toto/go-witness.git",
"https://github.com/in-toto/go-witness",
"https://github.com/in-toto/go-witness.git",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it may be worth testing with git:// and git+ssh etc, even though some of those are deprecated. I think some SCPs (possibly sourceforge?) sets git:// to be default.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a-ha - I will!

@@ -103,6 +103,7 @@ require (
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
github.com/tchap/go-patricia/v2 v2.3.1 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
github.com/whilp/git-urls v1.0.0 // indirect
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

weird this is marked indirect? 🤔 go mod tidy?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah I'll run and see

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants