Open jkjell opened 8 months ago
What steps did you take and what happened:
When using a policy with artifactsFrom for two or more attestations using only the products and materials attestors (or anything other combination that doesn't generate backrefs), the policy verification fails.
artifactsFrom
What did you expect to happen:
The policy should pass.
Anything else you would like to add:
Additional details in CNCF Slack: https://cloud-native.slack.com/archives/C068F87H1MF/p1710785890611579
What steps did you take and what happened:
When using a policy with
artifactsFromfor two or more attestations using only the products and materials attestors (or anything other combination that doesn't generate backrefs), the policy verification fails.What did you expect to happen:
The policy should pass.
Anything else you would like to add:
Additional details in CNCF Slack: https://cloud-native.slack.com/archives/C068F87H1MF/p1710785890611579