feat!(verify): deprecate --skip-signature-validation in favor of --verify (#4457)

Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>

Author: brandtkeller

site/src/content/docs/commands/zarf_init.md

@@ -78,9 +78,9 @@ $ zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNA
       --registry-url string             External registry url address to use for this Zarf cluster
       --retries int                     Number of retries to perform for Zarf operations like git/image pushes (default 3)
       --set stringToString              Specify deployment variables to set on the command line (KEY=value) (default [])
-      --skip-signature-validation       Skip validating the signature of the Zarf package
       --storage-class string            Specify the storage class to use for the registry and git server.  E.g. --storage-class=standard
       --timeout duration                Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
+      --verify                          Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_deploy.md

@@ -22,19 +22,19 @@ zarf package deploy [ PACKAGE_SOURCE ] [flags]
 ### Options
 
 ```
-      --adopt-existing-resources    Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover.
-      --components string           Comma-separated list of components to deploy.  Adding this flag will skip the prompts for selected components.  Globbing component names with '*' and deselecting 'default' components with a leading '-' are also supported.
-  -c, --confirm                     Confirms package deployment without prompting. ONLY use with packages you trust. Skips prompts to review SBOM, configure variables, select optional components and review potential breaking changes.
-  -h, --help                        help for deploy
-  -k, --key string                  Path to public key file for validating signed packages
-  -n, --namespace string            [Alpha] Override the namespace for package deployment. Requires the package to have only one distinct namespace defined.
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --retries int                 Number of retries to perform for Zarf operations like git/image pushes (default 3)
-      --set stringToString          Specify deployment variables to set on the command line (KEY=value) (default [])
-      --shasum string               Shasum of the package to deploy. Required if deploying a remote https package.
-      --skip-signature-validation   Skip validating the signature of the Zarf package
-      --timeout duration            Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
-  -v, --values strings              [alpha] Values files to use for templating and Helm overrides. Multiple files can be passed in as a comma separated list, and the flag can be provided multiple times.
+      --adopt-existing-resources   Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover.
+      --components string          Comma-separated list of components to deploy.  Adding this flag will skip the prompts for selected components.  Globbing component names with '*' and deselecting 'default' components with a leading '-' are also supported.
+  -c, --confirm                    Confirms package deployment without prompting. ONLY use with packages you trust. Skips prompts to review SBOM, configure variables, select optional components and review potential breaking changes.
+  -h, --help                       help for deploy
+  -k, --key string                 Path to public key file for validating signed packages
+  -n, --namespace string           [Alpha] Override the namespace for package deployment. Requires the package to have only one distinct namespace defined.
+      --oci-concurrency int        Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --retries int                Number of retries to perform for Zarf operations like git/image pushes (default 3)
+      --set stringToString         Specify deployment variables to set on the command line (KEY=value) (default [])
+      --shasum string              Shasum of the package to deploy. Required if deploying a remote https package.
+      --timeout duration           Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s)
+  -v, --values strings             [alpha] Values files to use for templating and Helm overrides. Multiple files can be passed in as a comma separated list, and the flag can be provided multiple times.
+      --verify                     Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect.md

@@ -21,12 +21,12 @@ zarf package inspect [ PACKAGE_SOURCE ] [flags]
 ### Options
 
 ```
-  -h, --help                        help for inspect
-  -k, --key string                  Path to public key file for validating signed packages
-      --list-images                 List images in the package (prints to stdout)
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --sbom-out string             Specify an output directory for the SBOMs from the inspected Zarf package
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+  -h, --help                  help for inspect
+  -k, --key string            Path to public key file for validating signed packages
+      --list-images           List images in the package (prints to stdout)
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --sbom-out string       Specify an output directory for the SBOMs from the inspected Zarf package
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_definition.md

@@ -17,11 +17,11 @@ zarf package inspect definition [ PACKAGE_SOURCE ] [flags]
 ### Options
 
 ```
-  -h, --help                        help for definition
-  -k, --key string                  Path to public key file for validating signed packages
-  -n, --namespace string            [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+  -h, --help                  help for definition
+  -k, --key string            Path to public key file for validating signed packages
+  -n, --namespace string      [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_documentation.md

@@ -17,12 +17,12 @@ zarf package inspect documentation [ PACKAGE_SOURCE ] [flags]
 ### Options
 
 ```
-  -h, --help                        help for documentation
-  -k, --key string                  Path to public key file for validating signed packages
-      --keys strings                Comma-separated list of documentation keys to extract (e.g., 'configuration,changelog')
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --output string               Directory to extract documentation to (created under '<package-name>-documentation' subdirectory)
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+  -h, --help                  help for documentation
+  -k, --key string            Path to public key file for validating signed packages
+      --keys strings          Comma-separated list of documentation keys to extract (e.g., 'configuration,changelog')
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --output string         Directory to extract documentation to (created under '<package-name>-documentation' subdirectory)
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_images.md

@@ -17,11 +17,11 @@ zarf package inspect images [ PACKAGE_SOURCE ] [flags]
 ### Options
 
 ```
-  -h, --help                        help for images
-  -k, --key string                  Path to public key file for validating signed packages
-  -n, --namespace string            [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+  -h, --help                  help for images
+  -k, --key string            Path to public key file for validating signed packages
+  -n, --namespace string      [Alpha] Override the namespace for package inspection. Applicable only to packages deployed using the namespace flag.
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_manifests.md

@@ -17,13 +17,13 @@ zarf package inspect manifests [ PACKAGE ] [flags]
 ### Options
 
 ```
-      --components string           comma separated list of components to show manifests for
-  -h, --help                        help for manifests
-  -k, --key string                  Path to public key file for validating signed packages
-      --kube-version string         Override the default helm template KubeVersion when performing a package chart template
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --set stringToString          Specify deployment variables to set on the command line (KEY=value) (default [])
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+      --components string     comma separated list of components to show manifests for
+  -h, --help                  help for manifests
+  -k, --key string            Path to public key file for validating signed packages
+      --kube-version string   Override the default helm template KubeVersion when performing a package chart template
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --set stringToString    Specify deployment variables to set on the command line (KEY=value) (default [])
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_sbom.md

@@ -17,11 +17,11 @@ zarf package inspect sbom [ PACKAGE ] [flags]
 ### Options
 
 ```
-  -h, --help                        help for sbom
-  -k, --key string                  Path to public key file for validating signed packages
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --output string               Specify an output directory for the SBOMs from the created Zarf package
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+  -h, --help                  help for sbom
+  -k, --key string            Path to public key file for validating signed packages
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --output string         Specify an output directory for the SBOMs from the created Zarf package
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_inspect_values-files.md

@@ -21,13 +21,13 @@ zarf package inspect values-files [ PACKAGE ] [flags]
 ### Options
 
 ```
-      --components string           comma separated list of components to show values files for
-  -h, --help                        help for values-files
-  -k, --key string                  Path to public key file for validating signed packages
-      --kube-version string         Override the default helm template KubeVersion when performing a package chart template
-      --oci-concurrency int         Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
-      --set stringToString          Specify deployment variables to set on the command line (KEY=value) (default [])
-      --skip-signature-validation   Skip validating the signature of the Zarf package
+      --components string     comma separated list of components to show values files for
+  -h, --help                  help for values-files
+  -k, --key string            Path to public key file for validating signed packages
+      --kube-version string   Override the default helm template KubeVersion when performing a package chart template
+      --oci-concurrency int   Number of concurrent layer operations when pulling or pushing images or packages to/from OCI registries. (default 6)
+      --set stringToString    Specify deployment variables to set on the command line (KEY=value) (default [])
+      --verify                Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands

site/src/content/docs/commands/zarf_package_mirror-resources.md

@@ -68,7 +68,7 @@ $ zarf package mirror-resources <your-package.tar.zst> --repos \
       --repos                           mirror only the git repositories
       --retries int                     Number of retries to perform for Zarf operations like git/image pushes (default 3)
       --shasum string                   Shasum of the package to pull. Required if pulling a https package. A shasum can be retrieved using 'zarf dev sha256sum <url>'
-      --skip-signature-validation       Skip validating the signature of the Zarf package
+      --verify                          Verify the Zarf package signature
 ```
 
 ### Options inherited from parent commands