-
Notifications
You must be signed in to change notification settings - Fork 531
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add --yes
flag cosign import-key-pair
to skip the overwrite confirmation.
#3383
Add --yes
flag cosign import-key-pair
to skip the overwrite confirmation.
#3383
Conversation
Signed-off-by: zhaoyonghe <yonghe.zhao@yahoo.com>
@@ -39,4 +41,7 @@ func (o *ImportKeyPairOptions) AddFlags(cmd *cobra.Command) { | |||
cmd.Flags().StringVarP(&o.OutputKeyPrefix, "output-key-prefix", "o", "import-cosign", | |||
"name used for outputted key pairs") | |||
_ = cmd.Flags().SetAnnotation("output-key-prefix", cobra.BashCompFilenameExt, []string{}) | |||
|
|||
cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false, | |||
"skip confirmation prompts for non-destructive operations") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: is file overwrite considered as destructive operation? Should we change it to a different name?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this should say destructive. Given the simplicity of this command, you could just say "skip confirmation prompts for overwriting existing key"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, just one comment on the flag desc
Signed-off-by: zhaoyonghe <yonghe.zhao@yahoo.com>
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #3383 +/- ##
==========================================
- Coverage 30.23% 30.22% -0.02%
==========================================
Files 155 155
Lines 9958 9962 +4
==========================================
Hits 3011 3011
- Misses 6497 6501 +4
Partials 450 450 ☔ View full report in Codecov by Sentry. |
Added the flag provided here: sigstore/cosign#3383
This PR closes #3382.
Summary
Users may call
cosign import-key-pair
and thencosign sign
multiple times to sign multiple images in CI/CD pipelines. And cannot confirm overwrite:It is better to add a
--yes
flag to skip the overwrite confirmation.Release Note
Added
--yes
flag incosign import-key-pair
to skip the overwrite confirmation.Documentation
Already updated doc/cosign_import-key-pair.md.