■ ■ ■ ■ ■ ■ ■
cmd/syft/cli/attest/attest.go
| skipped 96 lines |
97 | 97 | | return sBytes, nil |
98 | 98 | | } |
99 | 99 | | |
| 100 | + | //nolint:funlen |
100 | 101 | | func execWorker(app *config.Application, si source.Input, writer sbom.Writer) <-chan error { |
101 | 102 | | errs := make(chan error) |
102 | 103 | | go func() { |
| skipped 28 lines |
131 | 132 | | } |
132 | 133 | | |
133 | 134 | | args := []string{"attest", si.UserInput, "--type", "custom", "--predicate", f.Name()} |
| 135 | + | if app.Attest.Key != "" { |
| 136 | + | args = append(args, "--key", app.Attest.Key) |
| 137 | + | } |
| 138 | + | |
134 | 139 | | execCmd := exec.Command(cmd, args...) |
135 | 140 | | execCmd.Env = os.Environ() |
136 | | - | execCmd.Env = append(execCmd.Env, "COSIGN_EXPERIMENTAL=1") |
| 141 | + | if app.Attest.Key != "" { |
| 142 | + | execCmd.Env = append(execCmd.Env, fmt.Sprintf("COSIGN_PASSWORD=%s", app.Attest.Password)) |
| 143 | + | } else { |
| 144 | + | // no key provided, use cosign's keyless mode |
| 145 | + | execCmd.Env = append(execCmd.Env, "COSIGN_EXPERIMENTAL=1") |
| 146 | + | } |
137 | 147 | | |
138 | 148 | | // bus adapter for ui to hook into stdout via an os pipe |
139 | 149 | | r, w, err := os.Pipe() |
| skipped 89 lines |