@swimlane/cosign - npm Package Compare versions

17

CHANGELOG.md

		# Changelog

		## [1.3.0](https://github.com/swimlane/cosign-sdk/compare/v1.2.0...v1.3.0) (2022-09-28)


		### Features

		* added generate key ([1d23a15](https://github.com/swimlane/cosign-sdk/commit/1d23a15063e40692ab791a564f67ab9adf09b4e2))
		* added sigining ([d219b63](https://github.com/swimlane/cosign-sdk/commit/d219b639eaf188cdebd44ab22493c644568e410f))
		* initial commit ([1bb8a90](https://github.com/swimlane/cosign-sdk/commit/1bb8a906fc020c8314f875f7dcf34c28bf043918))
		* update install ([7f3dab9](https://github.com/swimlane/cosign-sdk/commit/7f3dab902bcedc04b011b0464b0892212207d75a))
		* updated cosign ([e99ef45](https://github.com/swimlane/cosign-sdk/commit/e99ef452526bc089c0bd21f5541357206bf625f6))


		### Bug Fixes

		* updated runner ([cdca41e](https://github.com/swimlane/cosign-sdk/commit/cdca41e930c316689906d63ea39c55dc272fa557))
		* wrapped call in try/catch ([dfc26b0](https://github.com/swimlane/cosign-sdk/commit/dfc26b029e772f50b8dbc138c94b8f8ae379985a))

		## [1.2.0](https://github.com/swimlane/cosign-sdk/compare/v1.1.0...v1.2.0) (2022-09-24)
		@@ -4,0 +21,0 @@

3

lib/cosign-runner.d.ts

		@@ -1,3 +0,4 @@
		import { Writable } from "node:stream";
		import { Writable } from 'node:stream';
		export declare const save: (repository: string, writable: Writable) => Promise<void>;
		export declare const generateKeyPair: (password: string, workingDirectory: string) => Promise<void>;
		export declare const signImage: (password: string, keyPath: string, image: string, upload?: boolean) => Promise<void>;

62

lib/cosign-runner.js

		@@ -29,3 +29,3 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.generateKeyPair = exports.save = void 0;
		exports.signImage = exports.generateKeyPair = exports.save = void 0;
		const node_path_1 = __importStar(require("node:path"));
		@@ -35,5 +35,5 @@ const execa_1 = __importDefault(require("execa"));
		const archiver_1 = require("archiver");
		const binName = "cosign";
		const binName = 'cosign';
		const modulePath = node_path_1.default.resolve(__dirname);
		const binPath = (0, node_path_1.join)((0, node_path_1.resolve)((0, node_path_1.join)(modulePath, "..")), "node_modules", ".bin");
		const binPath = (0, node_path_1.join)((0, node_path_1.resolve)((0, node_path_1.join)(modulePath, '..')), 'node_modules', '.bin');
		const binFile = (0, node_path_1.join)(binPath, binName);
		@@ -44,20 +44,12 @@ const save = async (repository, writable) => {
		const tempDir = await temp_1.default.mkdir();
		const args = [
		"save",
		"--dir",
		tempDir,
		repository
		];
		const args = ['save', '--dir', tempDir, repository];
		const result = await (0, execa_1.default)(binFile, args, {});
		if (result.exitCode !== 0) {
		throw new Error("cosign save failed");
		throw new Error('cosign save failed');
		}
		const archive = (0, archiver_1.create)("tar", { gzip: true });
		archive.glob("**", {
		cwd: tempDir
		const archive = (0, archiver_1.create)('tar', { gzip: true });
		archive.glob('**', {
		cwd: tempDir,
		});
		archive
		.pipe(writable)
		.on("finish", resolve)
		.on("error", reject);
		archive.pipe(writable).on('finish', resolve).on('error', reject);
		await archive.finalize();
		@@ -74,13 +66,39 @@ }
		try {
		const args = ['generate-key-pair'];
		const result = await (0, execa_1.default)(binFile, args, {
		cwd: workingDirectory,
		env: {
		COSIGN_PASSWORD: password,
		},
		});
		if (result.exitCode !== 0) {
		throw new Error('cosign save failed');
		}
		resolve();
		}
		catch (error) {
		reject(error);
		}
		});
		};
		exports.generateKeyPair = generateKeyPair;
		const signImage = async (password, keyPath, image, upload = false) => {
		return new Promise(async (resolve, reject) => {
		try {
		const args = [
		'generate-key-pair'
		'sign',
		'--key',
		`${keyPath}`,
		`--upload=${upload}`,
		image,
		];
		const workingDirectory = (0, node_path_1.dirname)(keyPath);
		const result = await (0, execa_1.default)(binFile, args, {
		cwd: workingDirectory,
		env: {
		COSIGN_PASSWORD: password
		}
		COSIGN_PASSWORD: password,
		},
		});
		if (result.exitCode !== 0) {
		throw new Error("cosign save failed");
		throw new Error('cosign save failed');
		}
		@@ -94,3 +112,3 @@ resolve();
		};
		exports.generateKeyPair = generateKeyPair;
		exports.signImage = signImage;
		//# sourceMappingURL=cosign-runner.js.map

2

package.json

		{
		"name": "@swimlane/cosign",
		"version": "1.2.0",
		"version": "1.3.0",
		"description": "",
		@@ -5,0 +5,0 @@ "main": "./lib/index.js",

110

src/cosign-runner.ts

		@@ -1,14 +0,13 @@
		import path, { join, resolve } from "node:path";
		import execa from "execa";
		import temp from "temp";
		import { create } from "archiver";
		import { Writable } from "node:stream";
		import path, { dirname, join, resolve } from 'node:path';
		import execa from 'execa';
		import temp from 'temp';
		import { create } from 'archiver';
		import { Writable } from 'node:stream';

		const binName = "cosign";
		const binName = 'cosign';
		const modulePath = path.resolve(__dirname);

		const binPath = join(resolve(join(modulePath, "..")), "node_modules", ".bin");
		const binPath = join(resolve(join(modulePath, '..')), 'node_modules', '.bin');
		const binFile = join(binPath, binName);


		/*
		@@ -19,3 +18,6 @@ COSIGN CLI

		export const save = async (repository: string, writable: Writable): Promise<void> => {
		export const save = async (
		repository: string,
		writable: Writable
		): Promise<void> => {
		return new Promise<void>(async (resolve, reject) => {
		@@ -25,7 +27,3 @@ try {

		const args = [
		"save",
		"--dir",
		tempDir,
		repository];
		const args = ['save', '--dir', tempDir, repository];

		@@ -35,21 +33,40 @@ const result = await execa(binFile, args, {});
		if (result.exitCode !== 0) {
		throw new Error("cosign save failed");
		throw new Error('cosign save failed');
		}

		const archive = create("tar", { gzip: true });
		const archive = create('tar', { gzip: true });

		archive.glob("**", {
		cwd: tempDir
		archive.glob('**', {
		cwd: tempDir,
		});

		archive
		.pipe(writable)
		.on("finish", resolve)
		.on("error", reject);
		archive.pipe(writable).on('finish', resolve).on('error', reject);


		await archive.finalize();
		} catch (error) {
		reject(error);
		}
		catch(error){
		reject(error)
		});
		};

		export const generateKeyPair = async (
		password: string,
		workingDirectory: string
		): Promise<void> => {
		return new Promise<void>(async (resolve, reject) => {
		try {
		const args = ['generate-key-pair'];
		const result = await execa(binFile, args, {
		cwd: workingDirectory,
		env: {
		COSIGN_PASSWORD: password,
		},
		});

		if (result.exitCode !== 0) {
		throw new Error('cosign save failed');
		}
		resolve();
		} catch (error) {
		reject(error);
		}
		@@ -59,24 +76,35 @@ });

		export const generateKeyPair = async (password: string, workingDirectory: string): Promise<void> => {
		return new Promise<void>(async (resolve, reject)=>{
		try{
		const args=[
		'generate-key-pair'
		]
		export const signImage = async (
		password: string,
		keyPath: string,
		image: string,
		upload = false
		): Promise<void> => {
		return new Promise<void>(async (resolve, reject) => {
		try {

		const args = [
		'sign',
		'--key',
		`${keyPath}`,
		`--upload=${upload}`,
		image,
		];

		const workingDirectory = dirname(keyPath);
		const result = await execa(binFile, args, {
		cwd: workingDirectory,
		env: {
		COSIGN_PASSWORD: password
		}
		})
		COSIGN_PASSWORD: password,
		},
		});

		if (result.exitCode !== 0) {
		throw new Error("cosign save failed");
		throw new Error('cosign save failed');
		}
		resolve()
		resolve();
		} catch (error) {
		reject(error);
		}
		catch(error){
		reject(error)
		}
		})
		}
		});
		};

lib/cosign-runner.js.map

Sorry, the diff of this file is not supported yet

@swimlane/cosign - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics