From 2411bfb8dac767141f16b01d8efa34e2105213c2 Mon Sep 17 00:00:00 2001
From: Radoslav Dimitrov
Date: Thu, 11 Apr 2024 12:35:41 +0300
Subject: [PATCH] Update artifact_signature.yaml
---
 rule-types/github/artifact_signature.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/rule-types/github/artifact_signature.yaml b/rule-types/github/artifact_signature.yaml
index ba2912b..e331d24 100644
--- a/rule-types/github/artifact_signature.yaml
+++ b/rule-types/github/artifact_signature.yaml
@@ -27,7 +27,7 @@ def:
 properties:
 name:
 type: string
- description: "The name of the artifact to check."
+ description: "The name of the artifact to check. Leave blank to match all names."
 tags:
 "type": array
 "items": {
@@ -54,10 +54,10 @@ def:
 properties:
 is_signed:
 type: boolean
- description: "Set to true to enforce artifact being signed."
+ description: "Set to true to enforce artifact being signed. This checks only if there's a signature for this image, but it doesn't verify it."
 is_verified:
 type: boolean
- description: "Set to true to enforce artifact signature being verified."
+ description: "Set to true to enforce artifact signature being verified. This checks that the signature is valid."
 repository:
 type: string
 description: "Set the repository that is expected to produce the artifact, i.e. https://github.com/stacklok/minder"
@@ -72,7 +72,7 @@ def:
 description: "Set the runner environment that is expected to produce the artifact, i.e. github-hosted"
 allowed_workflow:
 type: boolean
- description: "Set to true to enforce checking if the workflow that build this artifact is part of the allowed workflows"
+ description: "Set to true to enforce checking if the workflow that build this artifact is part of the allowed workflows. Note: Not implemented yet."
 cert_issuer:
 type: string
 description: "Set the certificate issuer that is expected to produce the artifact provenance, i.e. https://token.actions.githubusercontent.com"
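Review bot: In the `name` description of the first hunk (@@ -27,7), "Leave blank" does not say whether the key should be omitted or set to an empty string, and in YAML a bare `name:` loads as null, which a `type: string` property would normally reject. I would word it as `description: "The name of the artifact to check. Omit or set to an empty string to match all names."`, assuming the evaluator accepts both forms, which this hunk does not show. Because an empty name widens the rule to every artifact, the wording should make that a deliberate choice rather than the result of a forgotten field.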
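Review bot: The new `is_signed` description in the second hunk (@@ -54,10) says the signature is not verified, but it does not tell the reader that `is_signed: true` on its own gives no assurance about who produced the artifact, since only the presence of a signature is tested. I would state that and point at the stronger setting, e.g. `description: "Set to true to require that a signature exists for the artifact. The signature is not verified; use is_verified to enforce validity."`, which also replaces "this image" with the "artifact" used by the sibling properties. The `is_verified` text says the signature "is valid" without naming the identity it is checked against; if that only becomes meaningful together with `repository` and `cert_issuer`, the description should say so, which cannot be determined from this hunk.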
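Review bot: The `allowed_workflow` property in the third hunk (@@ -72,7) is still accepted as a boolean while its description now says it is not implemented, so a profile that sets `allowed_workflow: true` presumably passes as if the workflow had been checked. A control that is silently ignored gives false assurance, so the description should state the effect outright, for example `description: "Not implemented yet: this value is currently ignored and no workflow check is performed."`. The enforcement code is outside this diff, but rejecting or warning on the property at validation time until it is enforced would be safer than documenting the gap. The same line reads "the workflow that build this artifact", which should be "built".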
@@ -104,4 +104,4 @@ def:
 # Defines the configuration for alerting on the rule
 alert:
 type: security_advisory
- security_advisory: {}
\ No newline at end of file
+ security_advisory: {}