From bb24bfa2d0ace0f5adab9b9d41ef24c04898b660 Mon Sep 17 00:00:00 2001
From: Predrag Rogic
Date: Mon, 1 Jul 2024 14:11:34 +0100
Subject: [PATCH] respect least surprise principle - keep default keyless and warnings
---
 README.md | 10 +++++-----
 hooks/post-command | 2 +-
 plugin.yml | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index 1488b7d..c3be136 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,7 @@ The following code snippets demonstrates how to use the plugin in a pipeline step with the configuration parameters and upload the signature to the same repository as the container image.
-### Keyless signing
+### Keyless signing (default)
 #### Using the Public-Good Sigstore Instance
@@ -43,7 +43,6 @@ steps:
 - plugins:
 - equinixmetal-buildkite/cosign#v0.1.0:
 image: "ghcr.io/my-project/my-image@sha256:1e1e4f97dd84970160975922715909577d6c12eaaf6047021875674fa7166c27"
- keyless: true
 ```
 #### Using a custom/private Sigstore Instance
@@ -53,7 +52,6 @@ steps:
 - plugins:
 - equinixmetal-buildkite/cosign#v0.1.0:
 image: "ghcr.io/my-project/my-image@sha256:1e1e4f97dd84970160975922715909577d6c12eaaf6047021875674fa7166c27"
- keyless: true
 keyless-config:
 tuf-mirror-url: "https://tuf.my-sigstore.dev"
 tuf-root-url: "https://tuf.my-sigstore.dev/root.json"
@@ -61,7 +59,7 @@ steps:
 fulcio-url: "https://fulcio.my-sigstore.dev"
 ```
-### Keyed signing (default)
+### Keyed signing
 Note: Currently, only the file-based keyed signing is supported.
@@ -74,6 +72,7 @@ steps:
 - plugins:
 - equinixmetal-buildkite/cosign#v0.1.0:
 image: "ghcr.io/my-project/my-image@sha256:1e1e4f97dd84970160975922715909577d6c12eaaf6047021875674fa7166c27"
+ keyless: false
 keyed-config:
 key: "/path-to/cosign.key"
 ```
@@ -85,6 +84,7 @@ steps:
 - plugins:
 - equinixmetal-buildkite/cosign#v0.1.0:
 image: "ghcr.io/my-project/my-image@sha256:1e1e4f97dd84970160975922715909577d6c12eaaf6047021875674fa7166c27"
+ keyless: false
 keyed-config:
 tuf-mirror-url: "https://tuf.my-sigstore.dev"
 tuf-root-url: "https://tuf.my-sigstore.dev/root.json"
@@ -104,7 +104,7 @@ See `Important notes` above for details.
 ### `keyless` (Optional, boolean)
 If set to `true`, the plugin will use keyless signatures. If set to `false`, the
-plugin will use a keypair. If not specified, the plugin will default to `false`.
+plugin will use a keypair. If not specified, the plugin will default to `true`.
 ### `keyless-config` (Optional, object)
diff --git a/hooks/post-command b/hooks/post-command
index 7a4a606..2c96aa0 100755
--- a/hooks/post-command
+++ b/hooks/post-command
@@ -76,7 +76,7 @@ sigfile="sigstore-${random}.sig"
 # flags for the cosign sign command
 sign_flags=("-y" "--output-signature" "${sigfile}")
-is_keyless=${BUILDKITE_PLUGIN_COSIGN_KEYLESS:-false}
+is_keyless=${BUILDKITE_PLUGIN_COSIGN_KEYLESS:-true}
 # Hook functions
 ################
diff --git a/plugin.yml b/plugin.yml
index f8c84d7..6854e53 100644
--- a/plugin.yml
+++ b/plugin.yml
@@ -14,7 +14,7 @@ configuration:
 keyless:
 type: boolean
 description: "Use keyless signing"
- default: false
+ default: true
 keyless-config:
 type: object
 properties:
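Review bot: Flipping the `is_keyless` fallback to `true` in hooks/post-command silently changes what a pipeline signs with when it sets `keyed-config` but never set `keyless`, which was the documented shape under the old default; the `default: true` change in plugin.yml has the same effect. The commit subject mentions warnings, but nothing in this hunk emits one, so that combination presumably now takes the keyless path (the code that consumes `is_keyless` is outside the hunk). I would guard the new fallback right after the assignment, e.g. `if [ -z "${BUILDKITE_PLUGIN_COSIGN_KEYLESS:-}" ] && [ -n "${BUILDKITE_PLUGIN_COSIGN_KEYED_CONFIG_KEY:-}" ]; then echo "--- :warning: keyed-config is set but keyless is unset; defaulting to keyless signing (set keyless: false to keep keyed signing)"; fi`, where the second variable is the plugin env-var form of `keyed-config.key` under Buildkite's naming convention and should be confirmed against how the hook reads that option. A comment above the assignment, `# keyless (Sigstore) signing is the default; keyed signing must be opted into with keyless: false`, would also make the new default visible to the next reader of the hook.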