added version to the signing config message. (#383)

Signed-off-by: Fredrik Skogman <[email protected]>
sigstore · Aug 22, 2024 · ea7269b · ea7269b
1 parent 0606c22
commit ea7269b
Show file tree

Hide file tree

Showing 9 changed files with 36 additions and 3 deletions.
diff --git a/gen/jsonschema/schemas/ClientTrustConfig.schema.json b/gen/jsonschema/schemas/ClientTrustConfig.schema.json
@@ -188,6 +188,10 @@
         },
         "dev.sigstore.trustroot.v1.SigningConfig": {
             "properties": {
+                "mediaType": {
+                    "type": "string",
+                    "description": "MUST be application/vnd.dev.sigstore.signingconfig.v0.1+json"
+                },
                 "caUrl": {
                     "type": "string",
                     "description": "A URL to a Fulcio-compatible CA, capable of receiving Certificate Signing Requests (CSRs) and responding with issued certificates. This URL **MUST** be the \"base\" URL for the CA, which clients should construct an appropriate CSR endpoint on top of. For example, if `ca_url` is `https://example.com/ca`, then the client **MAY** construct the CSR endpoint as `https://example.com/ca/api/v2/signingCert`."

diff --git a/gen/jsonschema/schemas/SigningConfig.schema.json b/gen/jsonschema/schemas/SigningConfig.schema.json
@@ -4,6 +4,10 @@
     "definitions": {
         "SigningConfig": {
             "properties": {
+                "mediaType": {
+                    "type": "string",
+                    "description": "MUST be application/vnd.dev.sigstore.signingconfig.v0.1+json"
+                },
                 "caUrl": {
                     "type": "string",
                     "description": "A URL to a Fulcio-compatible CA, capable of receiving Certificate Signing Requests (CSRs) and responding with issued certificates. This URL **MUST** be the \"base\" URL for the CA, which clients should construct an appropriate CSR endpoint on top of. For example, if `ca_url` is `https://example.com/ca`, then the client **MAY** construct the CSR endpoint as `https://example.com/ca/api/v2/signingCert`."

diff --git a/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go b/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go
diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/trustroot/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/trustroot/v1/__init__.py
diff --git a/gen/pb-ruby/lib/sigstore_trustroot_pb.rb b/gen/pb-ruby/lib/sigstore_trustroot_pb.rb
diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.trustroot.v1.rs b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.trustroot.v1.rs
@@ -170,6 +170,9 @@ pub struct TrustedRoot {
 #[allow(clippy::derive_partial_eq_without_eq)]
 #[derive(Clone, PartialEq, ::prost::Message)]
 pub struct SigningConfig {
+    /// MUST be application/vnd.dev.sigstore.signingconfig.v0.1+json
+    #[prost(string, tag = "5")]
+    pub media_type: ::prost::alloc::string::String,
     /// A URL to a Fulcio-compatible CA, capable of receiving
     /// Certificate Signing Requests (CSRs) and responding with
     /// issued certificates.

diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin b/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin
diff --git a/gen/pb-typescript/src/__generated__/sigstore_trustroot.ts b/gen/pb-typescript/src/__generated__/sigstore_trustroot.ts
diff --git a/protos/sigstore_trustroot.proto b/protos/sigstore_trustroot.proto
@@ -148,6 +148,9 @@ message TrustedRoot {
 // signing. In particular, it primarily contains service URLs that a Sigstore
 // signer may need to connect to for the online aspects of signing.
 message SigningConfig {
+        // MUST be application/vnd.dev.sigstore.signingconfig.v0.1+json
+        string media_type = 5;
+
         // A URL to a Fulcio-compatible CA, capable of receiving
         // Certificate Signing Requests (CSRs) and responding with
         // issued certificates.