github.com/kastenhq/syft@v0.0.0-20230821225854-0710af25cdbe/cmd/syft/cli/options/fulcio.go (about)

     1  package options
     2  
     3  import (
     4  	"github.com/spf13/cobra"
     5  	"github.com/spf13/pflag"
     6  	"github.com/spf13/viper"
     7  )
     8  
     9  const defaultFulcioURL = "https://fulcio.sigstore.dev"
    10  
    11  // FulcioOptions is the wrapper for Fulcio related options.
    12  type FulcioOptions struct {
    13  	URL                      string
    14  	IdentityToken            string
    15  	InsecureSkipFulcioVerify bool
    16  }
    17  
    18  var _ Interface = (*FulcioOptions)(nil)
    19  
    20  // AddFlags implements Interface
    21  func (o *FulcioOptions) AddFlags(cmd *cobra.Command, v *viper.Viper) error {
    22  	// TODO: change this back to api.SigstorePublicServerURL after the v1 migration is complete.
    23  	cmd.Flags().StringVar(&o.URL, "fulcio-url", defaultFulcioURL,
    24  		"address of sigstore PKI server")
    25  
    26  	cmd.Flags().StringVar(&o.IdentityToken, "identity-token", "",
    27  		"identity token to use for certificate from fulcio")
    28  
    29  	cmd.Flags().BoolVar(&o.InsecureSkipFulcioVerify, "insecure-skip-verify", false,
    30  		"skip verifying fulcio certificat and the SCT (Signed Certificate Timestamp) (this should only be used for testing).")
    31  	return bindFulcioConfigOptions(cmd.Flags(), v)
    32  }
    33  
    34  //nolint:revive
    35  func bindFulcioConfigOptions(flags *pflag.FlagSet, v *viper.Viper) error {
    36  	if err := v.BindPFlag("attest.fulcio-url", flags.Lookup("fulcio-url")); err != nil {
    37  		return err
    38  	}
    39  
    40  	if err := v.BindPFlag("attest.fulcio-identity-token", flags.Lookup("identity-token")); err != nil {
    41  		return err
    42  	}
    43  
    44  	if err := v.BindPFlag("attest.insecure-skip-verify", flags.Lookup("insecure-skip-verify")); err != nil {
    45  		return err
    46  	}
    47  
    48  	return nil
    49  }