MCPcopy
hub / github.com/cli/cli / NewInspectCmd

Function NewInspectCmd

pkg/cmd/attestation/inspect/inspect.go:28–135  ·  view source on GitHub ↗
(f *cmdutil.Factory, runF func(*Options) error)

Source from the content-addressed store, hash-verified

26)
27
28func NewInspectCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Command {
29 opts := &Options{}
30 inspectCmd := &cobra.Command{
31 Use: "inspect <path-to-sigstore-bundle>",
32 Args: cmdutil.ExactArgs(1, "must specify bundle file path"),
33 Hidden: true,
34 Short: "Inspect a Sigstore bundle",
35 Long: heredoc.Docf(`
36 Inspect a Sigstore bundle that has been downloaded to disk. To download bundles
37 associated with your artifact(s), see the %[1]sgh at download%[1]s command.
38
39 Given a .json or .jsonl file, this command will:
40 - Extract the bundle's statement and predicate
41 - Provide a certificate summary, if present, and indicate whether the cert
42 was issued by GitHub or by Sigstore's Public Good Instance (PGI)
43 - Check the bundles' "authenticity"
44
45 For our purposes, a bundle is authentic if we have the trusted materials to
46 verify the included certificate(s), transparency log entries, and signed
47 timestamps, and if the included signatures match the provided public key.
48
49 This command cannot be used to verify a bundle. To verify a bundle, see the
50 %[1]sgh at verify%[1]s command.
51
52 By default, this command prints a condensed table. To see full results, provide the
53 %[1]s--format=json%[1]s flag.
54 `, "`"),
55 Example: heredoc.Doc(`
56 # Inspect a Sigstore bundle and print the results in table format
57 $ gh attestation inspect <path-to-bundle>
58
59 # Inspect a Sigstore bundle and print the results in JSON format
60 $ gh attestation inspect <path-to-bundle> --format=json
61 `),
62 PreRunE: func(cmd *cobra.Command, args []string) error {
63 // Create a logger for use throughout the inspect command
64 opts.Logger = io.NewHandler(f.IOStreams)
65
66 // set the bundle path
67 opts.BundlePath = args[0]
68
69 // Clean file path options
70 opts.Clean()
71
72 return nil
73 },
74 RunE: func(cmd *cobra.Command, args []string) error {
75 // handle tenancy
76 if opts.Hostname == "" {
77 opts.Hostname, _ = ghauth.DefaultHost()
78 }
79
80 if err := auth.IsHostSupported(opts.Hostname); err != nil {
81 return err
82 }
83
84 hc, err := f.HttpClient()
85 if err != nil {

Callers 2

NewCmdAttestationFunction · 0.92

Calls 11

CleanMethod · 0.95
GetTrustDomainMethod · 0.95
ExactArgsFunction · 0.92
NewHandlerFunction · 0.92
NewLiveClientFunction · 0.92
TenantNameFunction · 0.92
NewLiveSigstoreVerifierFunction · 0.92
AddFormatFlagsFunction · 0.92
runInspectFunction · 0.85
DefaultHostMethod · 0.65
ErrorfMethod · 0.65

Tested by 1