Option to configure rekor server. (slsa-framework#391)

* Option to configure rekor server. - Provided an option to configure the rekor server. - Fixes slsa-framework/slsa-github-generator#372 Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> * mend Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
ramonpetgrave64 · Jun 27, 2022 · c206bf3 · c206bf3
1 parent 87ed420
commit c206bf3
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/internal/builders/go/main.go b/internal/builders/go/main.go
@@ -73,8 +73,8 @@ func runBuild(dry bool, configFile, evalEnvs string) error {
 	return nil
 }
 
-func runProvenanceGeneration(subject, digest, commands, envs, workingDir string) error {
-	r := sigstore.NewDefaultRekor()
+func runProvenanceGeneration(subject, digest, commands, envs, workingDir, rekor string) error {
+	r := sigstore.NewRekor(rekor)
 	s := sigstore.NewDefaultFulcio()
 	attBytes, err := pkg.GenerateProvenance(subject, digest,
 		commands, envs, workingDir, s, r)
@@ -112,6 +112,7 @@ func main() {
 	provenanceCommand := provenanceCmd.String("command", "", "command used to compile the binary")
 	provenanceEnv := provenanceCmd.String("env", "", "env variables used to compile the binary")
 	provenanceWorkingDir := provenanceCmd.String("workingDir", "", "working directory used to issue compilation commands")
+	provenanceRekor := provenanceCmd.String("rekor", sigstore.DefaultRekorAddr, "rekor server to use for provenance")
 
 	// Expect a sub-command.
 	if len(os.Args) < 2 {
@@ -138,7 +139,7 @@ func main() {
 		}
 
 		err := runProvenanceGeneration(*provenanceName, *provenanceDigest,
-			*provenanceCommand, *provenanceEnv, *provenanceWorkingDir)
+			*provenanceCommand, *provenanceEnv, *provenanceWorkingDir, *provenanceRekor)
 		check(err)
 
 	default:

diff --git a/signing/sigstore/rekor.go b/signing/sigstore/rekor.go
@@ -12,7 +12,7 @@ import (
 )
 
 const (
-	defaultRekorAddr = "https://rekor.sigstore.dev"
+	DefaultRekorAddr = "https://rekor.sigstore.dev"
 )
 
 // Rekor implements TransparencyLog
@@ -48,7 +48,7 @@ func (e *rekorEntryAnon) UUID() string {
 
 // NewDefaultRekor returns a new Rekor instance for the Rekor public instance.
 func NewDefaultRekor() *Rekor {
-	return NewRekor(defaultRekorAddr)
+	return NewRekor(DefaultRekorAddr)
 }
 
 // NewRekor returns a new Rekor instance.