sigstore · dlorenc · Jun 24, 2022 · Jun 23, 2022 · Jun 23, 2022 · imjasonh
@@ -77,6 +77,7 @@ func Attest() *cobra.Command {
 				OIDCClientSecret:         oidcClientSecret,
 				OIDCRedirectURL:          o.OIDC.RedirectURL,
 				OIDCProvider:             o.OIDC.Provider,
+				SkipConfirmation:         o.SkipConfirmation,
 			}
 			for _, img := range args {
 				if err := attest.AttestCmd(cmd.Context(), ko, o.Registry, img, o.Cert, o.CertChain, o.NoUpload,

@@ -16,19 +16,20 @@
 package cli
 
 import (
+	"bufio"
 	"context"
 	"errors"
 	"fmt"
 	"net/http"
 	"os"
+	"strings"
 
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
 	"github.com/google/go-containerregistry/pkg/v1/remote/transport"
 	"github.com/spf13/cobra"
 
 	"github.com/sigstore/cosign/cmd/cosign/cli/options"
-	"github.com/sigstore/cosign/pkg/cosign"
 	ociremote "github.com/sigstore/cosign/pkg/oci/remote"
 )
 
@@ -49,9 +50,21 @@ func Clean() *cobra.Command {
 	return cmd
 }
 
+// confirmPromptDestructive prompts the user for confirmation for an action. Ignores
+// skipConfirmation.
+func confirmPromptDestructive(msg string) (bool, error) {
+	fmt.Fprintf(os.Stderr, "%s\n\nAre you sure you want to continue? (y/[N]): ", msg)
+	reader := bufio.NewReader(os.Stdin)
+	r, err := reader.ReadString('\n')
+	if err != nil {
+		return false, err
+	}
+	return strings.Trim(r, "\n") == "Y" || strings.Trim(r, "\n") == "y", nil
+}
+
 func CleanCmd(ctx context.Context, regOpts options.RegistryOptions, cleanType, imageRef string, force bool) error {
 	if !force {
-		ok, err := cosign.ConfirmPromptDestructive(prompt(cleanType))
+		ok, err := confirmPromptDestructive(prompt(cleanType))
 		if err != nil {
 			return err
 		}

@@ -26,7 +26,6 @@ import (
 
 	cranecmd "github.com/google/go-containerregistry/cmd/crane/cmd"
 	"github.com/sigstore/cosign/cmd/cosign/cli/options"
-	"github.com/sigstore/cosign/pkg/cosign"
 )
 
 var (
@@ -75,10 +74,6 @@ func New() *cobra.Command {
 				logs.Debug.SetOutput(os.Stderr)
 			}
 
-			if ro.SkipConfirmation {
-				cosign.SetSkipConfirmation(ro.SkipConfirmation)
-			}
-
 			return nil
 		},
 		PersistentPostRun: func(cmd *cobra.Command, args []string) {

@@ -164,7 +164,7 @@ func NewSigner(ctx context.Context, ko options.KeyOpts) (*Signer, error) {
 		fmt.Fprintln(os.Stderr, "Non-interactive mode detected, using device flow.")
 		flow = FlowDevice
 	default:
-		ok, err := cosign.ConfirmPrompt(PrivacyStatementConfirmation)
+		ok, err := cosign.ConfirmPrompt(PrivacyStatementConfirmation, ko.SkipConfirmation)
 		if err != nil {
 			return nil, err
 		}

@@ -31,7 +31,6 @@ var (
 
 // nolint
 func ImportKeyPairCmd(ctx context.Context, keyVal string, args []string) error {
-
 	keys, err := cosign.ImportKeyPair(keyVal, GetPass)
 	if err != nil {
 		return err

@@ -21,13 +21,14 @@ import (
 
 // AttestOptions is the top level wrapper for the attest command.
 type AttestOptions struct {
-	Key       string
-	Cert      string
-	CertChain string
-	NoUpload  bool
-	Force     bool
-	Recursive bool
-	Replace   bool
+	Key              string
+	Cert             string
+	CertChain        string
+	NoUpload         bool
+	Force            bool
+	Recursive        bool
+	Replace          bool
+	SkipConfirmation bool
 
 	Rekor       RekorOptions
 	Fulcio      FulcioOptions
@@ -71,4 +72,7 @@ func (o *AttestOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.Flags().BoolVarP(&o.Replace, "replace", "", false,
 		"")
+
+	cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
+		"skip confirmation prompts for non-destructive operations")
 }
@@ -32,6 +32,8 @@ type KeyOpts struct {
 	OIDCDisableProviders bool   // Disable OIDC credential providers in keyless signer
 	OIDCProvider         string // Specify which OIDC credential provider to use for keyless signer
 	BundlePath           string
+	SkipConfirmation     bool
+
 	// FulcioAuthFlow is the auth flow to use when authenticating against
 	// Fulcio. See https://pkg.go.dev/github.com/sigstore/cosign/cmd/cosign/cli/fulcio#pkg-constants
 	// for valid values.

@@ -56,11 +56,12 @@ func (o *PolicyInitOptions) AddFlags(cmd *cobra.Command) {
 }
 
 type PolicySignOptions struct {
-	ImageRef string
-	OutFile  string
-	Registry RegistryOptions
-	Fulcio   FulcioOptions
-	Rekor    RekorOptions
+	ImageRef         string
+	OutFile          string
+	Registry         RegistryOptions
+	Fulcio           FulcioOptions
+	Rekor            RekorOptions
+	SkipConfirmation bool
 
 	OIDC OIDCOptions
 }
@@ -75,6 +76,9 @@ func (o *PolicySignOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringVar(&o.OutFile, "out", "o",
 		"output policy locally")
 
+	cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
+		"skip confirmation prompts for non-destructive operations")
+
 	o.Registry.AddFlags(cmd)
 	o.Fulcio.AddFlags(cmd)
 	o.Rekor.AddFlags(cmd)

@@ -23,10 +23,9 @@ import (
 
 // RootOptions define flags and options for the root cosign cli.
 type RootOptions struct {
-	OutputFile       string
-	Verbose          bool
-	Timeout          time.Duration
-	SkipConfirmation bool
+	OutputFile string
+	Verbose    bool
+	Timeout    time.Duration
 }
 
 // DefaultTimeout specifies the default timeout for commands.
@@ -44,7 +43,4 @@ func (o *RootOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.PersistentFlags().DurationVarP(&o.Timeout, "timeout", "t", DefaultTimeout,
 		"timeout for commands")
-
-	cmd.PersistentFlags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
-		"skip confirmation prompts for non-destructive operations")
 }
@@ -32,6 +32,7 @@ type SignOptions struct {
 	Force             bool
 	Recursive         bool
 	Attachment        string
+	SkipConfirmation  bool
 
 	Rekor       RekorOptions
 	Fulcio      FulcioOptions
@@ -84,4 +85,7 @@ func (o *SignOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.Flags().StringVar(&o.Attachment, "attachment", "",
 		"related image attachment to sign (sbom), default none")
+
+	cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
+		"skip confirmation prompts for non-destructive operations")
 }
@@ -33,6 +33,7 @@ type SignBlobOptions struct {
 	OIDC              OIDCOptions
 	Registry          RegistryOptions
 	BundlePath        string
+	SkipConfirmation  bool
 }
 
 var _ Interface = (*SignBlobOptions)(nil)
@@ -62,4 +63,7 @@ func (o *SignBlobOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.Flags().StringVar(&o.BundlePath, "bundle", "",
 		"write everything required to verify the blob to a FILE")
+
+	cmd.Flags().BoolVarP(&o.SkipConfirmation, "yes", "y", false,
+		"skip confirmation prompts for non-destructive operations")
 }
@@ -189,6 +189,7 @@ func signPolicy() *cobra.Command {
 				OIDCClientSecret:         oidcClientSecret,
 				OIDCRedirectURL:          o.OIDC.RedirectURL,
 				OIDCProvider:             o.OIDC.Provider,
+				SkipConfirmation:         o.SkipConfirmation,
 			})
 			if err != nil {
 				return err

@@ -97,6 +97,7 @@ func Sign() *cobra.Command {
 				OIDCRedirectURL:          o.OIDC.RedirectURL,
 				OIDCDisableProviders:     o.OIDC.DisableAmbientProviders,
 				OIDCProvider:             o.OIDC.Provider,
+				SkipConfirmation:         o.SkipConfirmation,
 			}
 			annotationsMap, err := o.AnnotationsMap()
 			if err != nil {

@@ -82,6 +82,7 @@ func SignBlob() *cobra.Command {
 				OIDCRedirectURL:          o.OIDC.RedirectURL,
 				OIDCDisableProviders:     o.OIDC.DisableAmbientProviders,
 				BundlePath:               o.BundlePath,
+				SkipConfirmation:         o.SkipConfirmation,
 			}
 			for _, blob := range args {
 				// TODO: remove when the output flag has been deprecated