copy: introduce new --sbom-only, --att-only flags #2002
Description
Description
Currently, we only have --sig-only flag to copy only image signature. I thought it would be nice to have also --sbom-only for copy SBOM and --sbom-only for copy ATT.
But using both these flags in the same time might be mutually exclusive since flags have -only suffix means do not copy anything but only ...
UX design:
# 1. mutually exclusive, throw an error
$ cosign copy --sbom-only --sig-only --att-only <SRC> <DST>
# 2. remove -only suffix to do both operations in the same time
# this would also mean: _also copy the image itself_, but actually does not
$ cosign copy --sbom --sig --att <SRC> <DST>
# 3. if user want to copy sig, sbom and att, have to run the followings
$ cosign copy --sig-only <SRC> <DST>
$ cosign copy --sbom-only <SRC> <DST>
$ cosign copy --att-only <SRC> <DST>
# 4. introduce a new --copy-only flag that accept custom string array
# no need to call cosign twice
$ cosign copy --copy-only=sbom,sign,att,etc <SRC> <DST>
# 5. happiest path
$ cosign copy --sig-only <SRC> <DST>
$ cosign copy --sbom-only <SRC> <DST>
$ cosign copy --att-only <SRC> <DST>PTAL @developer-guy