Skip to content

Commit 6567728

Browse files
authored
feat!(verify): deprecate --skip-signature-validation in favor of --verify (#4457)
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
1 parent a8e713b commit 6567728

32 files changed

+950
-365
lines changed

site/src/content/docs/commands/zarf_init.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,9 +78,9 @@ $ zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNA
7878
--registry-url string External registry url address to use for this Zarf cluster
7979
--retries int Number of retries to perform for Zarf operations like git/image pushes (default 3)
8080
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
81-
--skip-signature-validation Skip validating the signature of the Zarf package
8281
--storage-class string Specify the storage class to use for the registry and git server. E.g. --storage-class=standard
8382
--timeout duration Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
83+
--verify Verify the Zarf package signature
8484
```
8585

8686
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_deploy.md

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -22,19 +22,19 @@ zarf package deploy [ PACKAGE_SOURCE ] [flags]
2222
### Options
2323

2424
```
25-
--adopt-existing-resources Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover.
26-
--components string Comma-separated list of components to deploy. Adding this flag will skip the prompts for selected components. Globbing component names with '*' and deselecting 'default' components with a leading '-' are also supported.
27-
-c, --confirm Confirms package deployment without prompting. ONLY use with packages you trust. Skips prompts to review SBOM, configure variables, select optional components and review potential breaking changes.
28-
-h, --help help for deploy
29-
-k, --key string Path to public key file for validating signed packages
30-
-n, --namespace string [Alpha] Override the namespace for package deployment. Requires the package to have only one distinct namespace defined.
31-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
32-
--retries int Number of retries to perform for Zarf operations like git/image pushes (default 3)
33-
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
34-
--shasum string Shasum of the package to deploy. Required if deploying a remote https package.
35-
--skip-signature-validation Skip validating the signature of the Zarf package
36-
--timeout duration Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
37-
-v, --values strings [alpha] Values files to use for templating and Helm overrides. Multiple files can be passed in as a comma separated list, and the flag can be provided multiple times.
25+
--adopt-existing-resources Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover.
26+
--components string Comma-separated list of components to deploy. Adding this flag will skip the prompts for selected components. Globbing component names with '*' and deselecting 'default' components with a leading '-' are also supported.
27+
-c, --confirm Confirms package deployment without prompting. ONLY use with packages you trust. Skips prompts to review SBOM, configure variables, select optional components and review potential breaking changes.
28+
-h, --help help for deploy
29+
-k, --key string Path to public key file for validating signed packages
30+
-n, --namespace string [Alpha] Override the namespace for package deployment. Requires the package to have only one distinct namespace defined.
31+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
32+
--retries int Number of retries to perform for Zarf operations like git/image pushes (default 3)
33+
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
34+
--shasum string Shasum of the package to deploy. Required if deploying a remote https package.
35+
--timeout duration Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
36+
-v, --values strings [alpha] Values files to use for templating and Helm overrides. Multiple files can be passed in as a comma separated list, and the flag can be provided multiple times.
37+
--verify Verify the Zarf package signature
3838
```
3939

4040
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -21,12 +21,12 @@ zarf package inspect [ PACKAGE_SOURCE ] [flags]
2121
### Options
2222

2323
```
24-
-h, --help help for inspect
25-
-k, --key string Path to public key file for validating signed packages
26-
--list-images List images in the package (prints to stdout)
27-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
28-
--sbom-out string Specify an output directory for the SBOMs from the inspected Zarf package
29-
--skip-signature-validation Skip validating the signature of the Zarf package
24+
-h, --help help for inspect
25+
-k, --key string Path to public key file for validating signed packages
26+
--list-images List images in the package (prints to stdout)
27+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
28+
--sbom-out string Specify an output directory for the SBOMs from the inspected Zarf package
29+
--verify Verify the Zarf package signature
3030
```
3131

3232
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_definition.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ zarf package inspect definition [ PACKAGE_SOURCE ] [flags]
1717
### Options
1818

1919
```
20-
-h, --help help for definition
21-
-k, --key string Path to public key file for validating signed packages
22-
-n, --namespace string [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
23-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24-
--skip-signature-validation Skip validating the signature of the Zarf package
20+
-h, --help help for definition
21+
-k, --key string Path to public key file for validating signed packages
22+
-n, --namespace string [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
23+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24+
--verify Verify the Zarf package signature
2525
```
2626

2727
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_documentation.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,12 @@ zarf package inspect documentation [ PACKAGE_SOURCE ] [flags]
1717
### Options
1818

1919
```
20-
-h, --help help for documentation
21-
-k, --key string Path to public key file for validating signed packages
22-
--keys strings Comma-separated list of documentation keys to extract (e.g., 'configuration,changelog')
23-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24-
--output string Directory to extract documentation to (created under '<package-name>-documentation' subdirectory)
25-
--skip-signature-validation Skip validating the signature of the Zarf package
20+
-h, --help help for documentation
21+
-k, --key string Path to public key file for validating signed packages
22+
--keys strings Comma-separated list of documentation keys to extract (e.g., 'configuration,changelog')
23+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24+
--output string Directory to extract documentation to (created under '<package-name>-documentation' subdirectory)
25+
--verify Verify the Zarf package signature
2626
```
2727

2828
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_images.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ zarf package inspect images [ PACKAGE_SOURCE ] [flags]
1717
### Options
1818

1919
```
20-
-h, --help help for images
21-
-k, --key string Path to public key file for validating signed packages
22-
-n, --namespace string [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
23-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24-
--skip-signature-validation Skip validating the signature of the Zarf package
20+
-h, --help help for images
21+
-k, --key string Path to public key file for validating signed packages
22+
-n, --namespace string [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
23+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
24+
--verify Verify the Zarf package signature
2525
```
2626

2727
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_manifests.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17,13 +17,13 @@ zarf package inspect manifests [ PACKAGE ] [flags]
1717
### Options
1818

1919
```
20-
--components string comma separated list of components to show manifests for
21-
-h, --help help for manifests
22-
-k, --key string Path to public key file for validating signed packages
23-
--kube-version string Override the default helm template KubeVersion when performing a package chart template
24-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
25-
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
26-
--skip-signature-validation Skip validating the signature of the Zarf package
20+
--components string comma separated list of components to show manifests for
21+
-h, --help help for manifests
22+
-k, --key string Path to public key file for validating signed packages
23+
--kube-version string Override the default helm template KubeVersion when performing a package chart template
24+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
25+
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
26+
--verify Verify the Zarf package signature
2727
```
2828

2929
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_sbom.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ zarf package inspect sbom [ PACKAGE ] [flags]
1717
### Options
1818

1919
```
20-
-h, --help help for sbom
21-
-k, --key string Path to public key file for validating signed packages
22-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
23-
--output string Specify an output directory for the SBOMs from the created Zarf package
24-
--skip-signature-validation Skip validating the signature of the Zarf package
20+
-h, --help help for sbom
21+
-k, --key string Path to public key file for validating signed packages
22+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
23+
--output string Specify an output directory for the SBOMs from the created Zarf package
24+
--verify Verify the Zarf package signature
2525
```
2626

2727
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_values-files.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -21,13 +21,13 @@ zarf package inspect values-files [ PACKAGE ] [flags]
2121
### Options
2222

2323
```
24-
--components string comma separated list of components to show values files for
25-
-h, --help help for values-files
26-
-k, --key string Path to public key file for validating signed packages
27-
--kube-version string Override the default helm template KubeVersion when performing a package chart template
28-
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
29-
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
30-
--skip-signature-validation Skip validating the signature of the Zarf package
24+
--components string comma separated list of components to show values files for
25+
-h, --help help for values-files
26+
-k, --key string Path to public key file for validating signed packages
27+
--kube-version string Override the default helm template KubeVersion when performing a package chart template
28+
--oci-concurrency int Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
29+
--set stringToString Specify deployment variables to set on the command line (KEY=value) (default [])
30+
--verify Verify the Zarf package signature
3131
```
3232

3333
### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_mirror-resources.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ $ zarf package mirror-resources <your-package.tar.zst> --repos \
6868
--repos mirror only the git repositories
6969
--retries int Number of retries to perform for Zarf operations like git/image pushes (default 3)
7070
--shasum string Shasum of the package to pull. Required if pulling a https package. A shasum can be retrieved using 'zarf dev sha256sum <url>'
71-
--skip-signature-validation Skip validating the signature of the Zarf package
71+
--verify Verify the Zarf package signature
7272
```
7373

7474
### Options inherited from parent commands

0 commit comments

Comments
 (0)