From dddc440d56d34dd3448f13bd75c6d8f0b3e0e1b4 Mon Sep 17 00:00:00 2001 From: Brian DeHamer Date: Wed, 12 Jun 2024 11:57:18 -0700 Subject: [PATCH] config rekor to fetch on conflict Signed-off-by: Brian DeHamer --- packages/attest/RELEASES.md | 1 + packages/attest/src/sign.ts | 1 + 2 files changed, 2 insertions(+) diff --git a/packages/attest/RELEASES.md b/packages/attest/RELEASES.md index 2988d768..8fad8385 100644 --- a/packages/attest/RELEASES.md +++ b/packages/attest/RELEASES.md @@ -4,6 +4,7 @@ - Dynamic construction of Sigstore API URLs - Switch to new GH provenance build type +- Fetch existing Rekor entry on 409 conflict error - Bump @sigstore/bundle from 2.3.0 to 2.3.2 - Bump @sigstore/sign from 2.3.0 to 2.3.2 diff --git a/packages/attest/src/sign.ts b/packages/attest/src/sign.ts index aad916f7..cb7119dc 100644 --- a/packages/attest/src/sign.ts +++ b/packages/attest/src/sign.ts @@ -87,6 +87,7 @@ const initBundleBuilder = (opts: SignOptions): BundleBuilder => { new RekorWitness({ rekorBaseURL: opts.rekorURL, entryType: 'dsse', + fetchOnConflict: true, timeout, retry })