You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
root@ubuntu:~# cat test.sh
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/operator/previous/v0.69.1/release.yaml
REKOR_UUID=
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.69.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
root@ubuntu:~#
root@ubuntu:~#
root@ubuntu:~# bash test.sh
Error: invalid argument "" for "--uuid" flag: ID len error, expected 80 (EntryID) or 64 (UUID) but got len 0 for ID
Usage:
rekor-cli get [flags]
Flags:
-h, --help help for get
--log-index logIndex the index of the entry in the transparency log
--uuid uuid UUID of entry in transparency log (if known)
Global Flags:
--config string config file (default is $HOME/.rekor.yaml)
--format format Command output format (default default)
--rekor_server url Server address:port (default https://rekor.sigstore.dev)
--retry uint Number of times to retry HTTP requests (default 3)
--store_tree_state whether to store tree state in between invocations for additional verification (default true)
--timeout format HTTP timeout (default 30s)
invalid argument "" for "--uuid" flag: ID len error, expected 80 (EntryID) or 64 (UUID) but got len 0 for ID
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 26922 100 26922 0 0 198k 0 --:--:-- --:--:-- --:--:-- 199k
root@ubuntu:~#
The text was updated successfully, but these errors were encountered:
This is coming from the "shared" create-draft-release task. In tektoncd/pipeline, it's is a step between the release pipeline and that task to get that rekor uuid to check the images, … see point 12 of the release-cheat-shee.md.
I guess we do not have this step in the release (and maybe not the pipeline configured to get the images handled by chains).
release page:https://github.com/tektoncd/operator/releases
The text was updated successfully, but these errors were encountered: