Skip to content

Commit 08952e2

Browse files
piceripiceri
authored
Deprecate flags signing config (sigstore#4844)
--------- Signed-off-by: Eric Pickard <piceri@github.com>
1 parent f5373b0 commit 08952e2

20 files changed

Lines changed: 16 additions & 23 deletions

cmd/cosign/cli/options/attest.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,7 @@ func (o *AttestOptions) AddFlags(cmd *cobra.Command) {
110110
cmd.Flags().StringVar(&o.TSAServerURL, "timestamp-server-url", "",
111111
"url to the Timestamp RFC3161 server, default none. Must be the path to the API to request timestamp responses, e.g. https://freetsa.org/tsr")
112112
_ = cmd.RegisterFlagCompletionFunc("timestamp-server-url", cobra.NoFileCompletions)
113+
_ = cmd.Flags().MarkDeprecated("timestamp-server-url", "please use a signing config to specify a timestamp server url; see `cosign signing-config --help`")
113114

114115
cmd.Flags().BoolVar(&o.RecordCreationTimestamp, "record-creation-timestamp", false,
115116
"set the createdAt timestamp in the attestation artifact to the time it was created; by default, cosign sets this to the zero value")

cmd/cosign/cli/options/attest_blob.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ func (o *AttestBlobOptions) AddFlags(cmd *cobra.Command) {
145145
cmd.Flags().StringVar(&o.TSAServerURL, "timestamp-server-url", "",
146146
"url to the Timestamp RFC3161 server, default none. Must be the path to the API to request timestamp responses, e.g. https://freetsa.org/tsr")
147147
_ = cmd.RegisterFlagCompletionFunc("timestamp-server-url", cobra.NoFileCompletions)
148+
_ = cmd.Flags().MarkDeprecated("timestamp-server-url", "please use a signing config to specify a timestamp server url; see `cosign signing-config --help`")
148149

149150
cmd.Flags().StringVar(&o.RFC3161TimestampPath, "rfc3161-timestamp-bundle", "",
150151
"path to an RFC 3161 timestamp bundle FILE")

cmd/cosign/cli/options/bundle.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,7 @@ func (o *BundleCreateOptions) AddFlags(cmd *cobra.Command) {
6969
cmd.Flags().StringVar(&o.RekorURL, "rekor-url", "https://rekor.sigstore.dev",
7070
"address of rekor STL server")
7171
_ = cmd.RegisterFlagCompletionFunc("rekor-url", cobra.NoFileCompletions)
72+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use a signing config to specify a rekor url; see `cosign signing-config --help`")
7273

7374
cmd.Flags().StringVar(&o.RFC3161TimestampPath, "rfc3161-timestamp", "",
7475
"path to RFC3161 timestamp FILE")

cmd/cosign/cli/options/fulcio.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ func (o *FulcioOptions) AddFlags(cmd *cobra.Command) {
3636
// TODO: change this back to api.SigstorePublicServerURL after the v1 migration is complete.
3737
cmd.Flags().StringVar(&o.URL, "fulcio-url", DefaultFulcioURL,
3838
"address of sigstore PKI server")
39+
_ = cmd.Flags().MarkDeprecated("fulcio-url", "please use a signing config to specify a fulcio url; see `cosign signing-config --help`")
3940

4041
cmd.Flags().StringVar(&o.IdentityToken, "identity-token", "",
4142
"identity token to use for certificate from fulcio. the token or a path to a file containing the token is accepted.")

cmd/cosign/cli/options/oidc.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,7 @@ var _ Interface = (*OIDCOptions)(nil)
5858
func (o *OIDCOptions) AddFlags(cmd *cobra.Command) {
5959
cmd.Flags().StringVar(&o.Issuer, "oidc-issuer", DefaultOIDCIssuerURL,
6060
"OIDC provider to be used to issue ID token")
61+
_ = cmd.Flags().MarkDeprecated("oidc-issuer", "please use a signing config to specify an OIDC issuer; see `cosign signing-config create --help`")
6162

6263
cmd.Flags().StringVar(&o.ClientID, "oidc-client-id", "sigstore",
6364
"OIDC client ID for application")

cmd/cosign/cli/options/rekor.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,4 +32,5 @@ var _ Interface = (*RekorOptions)(nil)
3232
func (o *RekorOptions) AddFlags(cmd *cobra.Command) {
3333
cmd.Flags().StringVar(&o.URL, "rekor-url", DefaultRekorURL,
3434
"address of rekor STL server")
35+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use a signing config to specify a rekor url; see `cosign signing-config --help`")
3536
}

cmd/cosign/cli/options/sign.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,7 @@ func (o *SignOptions) AddFlags(cmd *cobra.Command) {
140140

141141
cmd.Flags().StringVar(&o.TSAServerURL, "timestamp-server-url", "",
142142
"url to the Timestamp RFC3161 server, default none. Must be the path to the API to request timestamp responses, e.g. https://freetsa.org/tsr")
143+
_ = cmd.Flags().MarkDeprecated("timestamp-server-url", "please use a signing config to specify a timestamp server url; see `cosign signing-config --help`")
143144

144145
_ = cmd.MarkFlagFilename("certificate", certificateExts...)
145146

cmd/cosign/cli/options/signblob.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ func (o *SignBlobOptions) AddFlags(cmd *cobra.Command) {
145145
cmd.Flags().StringVar(&o.TSAServerURL, "timestamp-server-url", "",
146146
"url to the Timestamp RFC3161 server, default none. Must be the path to the API to request timestamp responses, e.g. https://freetsa.org/tsr")
147147
_ = cmd.RegisterFlagCompletionFunc("timestamp-server-url", cobra.NoFileCompletions)
148+
_ = cmd.Flags().MarkDeprecated("timestamp-server-url", "please use a signing config to specify a timestamp server url; see `cosign signing-config --help`")
148149

149150
cmd.Flags().StringVar(&o.RFC3161TimestampPath, "rfc3161-timestamp", "",
150151
"write the RFC3161 timestamp to a file")

cmd/cosign/cli/options/verify.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,8 @@ func (o *VerifyOptions) AddFlags(cmd *cobra.Command) {
100100
o.AnnotationOptions.AddFlags(cmd)
101101
o.CommonVerifyOptions.AddFlags(cmd)
102102

103+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use --bundle, which includes the Rekor inclusion proof")
104+
103105
cmd.Flags().StringVar(&o.Key, "key", "",
104106
"path to the public key file, KMS URI or Kubernetes Secret")
105107
_ = cmd.MarkFlagFilename("key", publicKeyExts...)
@@ -155,6 +157,8 @@ func (o *VerifyAttestationOptions) AddFlags(cmd *cobra.Command) {
155157
o.CommonVerifyOptions.AddFlags(cmd)
156158
o.SignatureDigest.AddFlags(cmd)
157159

160+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use --bundle, which includes the Rekor inclusion proof")
161+
158162
cmd.Flags().StringVar(&o.Key, "key", "",
159163
"path to the public key file, KMS URI or Kubernetes Secret")
160164

@@ -196,6 +200,8 @@ func (o *VerifyBlobOptions) AddFlags(cmd *cobra.Command) {
196200
o.CommonVerifyOptions.AddFlags(cmd)
197201
o.SignatureDigest.AddFlags(cmd)
198202

203+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use --bundle, which includes the Rekor inclusion proof")
204+
199205
cmd.Flags().StringVar(&o.Key, "key", "",
200206
"path to the public key file, KMS URI or Kubernetes Secret")
201207

@@ -258,6 +264,8 @@ func (o *VerifyBlobAttestationOptions) AddFlags(cmd *cobra.Command) {
258264
o.CommonVerifyOptions.AddFlags(cmd)
259265
o.SignatureDigest.AddFlags(cmd)
260266

267+
_ = cmd.Flags().MarkDeprecated("rekor-url", "please use --bundle, which includes the Rekor inclusion proof")
268+
261269
cmd.Flags().StringVar(&o.Key, "key", "",
262270
"path to the public key file, KMS URI or Kubernetes Secret")
263271

doc/cosign_attest-blob.md

Lines changed: 0 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)