updates

slsa-framework · May 26, 2022 · 08c9805 · 08c9805
1 parent a96da3f
commit 08c9805
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 16 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,11 +1,11 @@
-name: Verifier realeaser
+name: Verifier releaser
 
 on: 
   # For manual tests.
   workflow_dispatch:
   push:
     tags:
-      - "*" # triggers only if push new tag version, like `0.8.4` or else
+      - "*" # triggers only if push new tag version, like `0.8.4`.
 
 permissions: read-all
 

diff --git a/pkg/provenance.go b/pkg/provenance.go
@@ -58,18 +58,18 @@ var trustedReusableWorkflows = map[string]bool{
 }
 
 var (
-	ErrorInvalidDssePayload      = errors.New("invalid DSSE envelope payload")
-	errorRekorSearch             = errors.New("error searching rekor entries")
-	errorMismatchHash            = errors.New("binary artifact hash does not match provenance subject")
-	ErrorMismatchBranch          = errors.New("branch used to generate the binary does not match provenance")
-	ErrorMismatchRepository      = errors.New("repository used to generate the binary does not match provenance")
-	ErrorMismatchTag             = errors.New("tag used to generate the binary does not match provenance")
-	ErrorMismatchVersionedTag    = errors.New("tag used to generate the binary does not match provenance")
-	ErrorInvalidSemver           = errors.New("invalid semantic version")
-	errorInvalidVersion          = errors.New("invalid version")
-	errorInvalidRef              = errors.New("invalid ref")
-	errorMalformedWorkflowURI    = errors.New("malformed URI for workflow")
-	errUntrustedReusableWorkflow = errors.New("untrusted reusable workflow")
+	ErrorInvalidDssePayload        = errors.New("invalid DSSE envelope payload")
+	ErrorMismatchBranch            = errors.New("branch used to generate the binary does not match provenance")
+	ErrorMismatchRepository        = errors.New("repository used to generate the binary does not match provenance")
+	ErrorMismatchTag               = errors.New("tag used to generate the binary does not match provenance")
+	ErrorMismatchVersionedTag      = errors.New("tag used to generate the binary does not match provenance")
+	ErrorInvalidSemver             = errors.New("invalid semantic version")
+	errorRekorSearch               = errors.New("error searching rekor entries")
+	errorMismatchHash              = errors.New("binary artifact hash does not match provenance subject")
+	errorInvalidVersion            = errors.New("invalid version")
+	errorInvalidRef                = errors.New("invalid ref")
+	errorMalformedWorkflowURI      = errors.New("malformed URI for workflow")
+	errorUntrustedReusableWorkflow = errors.New("untrusted reusable workflow")
 )
 
 func EnvelopeFromBytes(payload []byte) (env *dsselib.Envelope, err error) {
@@ -394,7 +394,7 @@ func VerifyWorkflowIdentity(id *WorkflowIdentity, source string) error {
 	// Trusted workflow verification by name.
 	reusableWorkflowName := strings.Trim(workflowPath[0], "/")
 	if _, ok := trustedReusableWorkflows[reusableWorkflowName]; !ok {
-		return fmt.Errorf("%w: %s", errUntrustedReusableWorkflow, reusableWorkflowName)
+		return fmt.Errorf("%w: %s", errorUntrustedReusableWorkflow, reusableWorkflowName)
 	}
 
 	// Verify the ref.

diff --git a/pkg/provenance_test.go b/pkg/provenance_test.go
@@ -187,7 +187,7 @@ func Test_VerifyWorkflowIdentity(t *testing.T) {
 				Issuer:            "https://token.actions.githubusercontent.com",
 			},
 			source: "asraa/slsa-on-github-test",
-			err:    errUntrustedReusableWorkflow,
+			err:    errorUntrustedReusableWorkflow,
 		},
 		{
 			name: "untrusted job workflow ref for general repos",