unknown flag: --key when use syft attest --key [KEY] #2544

deblaci · 2024-01-25T07:39:57Z

What happened:
Local private key support is not working because --key option is not exist anymore.

According to doc:

To generate an SBOM attestation for a container image using a local private key:
syft attest --output [FORMAT] --key [KEY] [SOURCE] [flags]

What you expected to happen:
Generate a packaged-based SBOM

Steps to reproduce the issue:
syft attest --output cyclonedx-json --key cosign.key ubuntu:latest

Anything else we need to know?:

Environment:

The text was updated successfully, but these errors were encountered:

deblaci added the bug Something isn't working label Jan 25, 2024

anchoretoolsops added this to OSS Jan 25, 2024

wagoodman assigned wagoodman and willmurphyscode Jan 25, 2024

wagoodman moved this to In Progress in OSS Jan 25, 2024

willmurphyscode mentioned this issue Jan 29, 2024

Fix attest with --key #2551

Merged

willmurphyscode closed this as completed in #2551 Jan 31, 2024

github-project-automation bot moved this from In Progress to Done in OSS Jan 31, 2024

BrewTestBot mentioned this issue Feb 10, 2024

syft 0.104.0 Homebrew/homebrew-core#162257

Merged

Provide feedback