gcbsigner

package

v0.2.2 Latest Latest Go to latest Published: Jan 10, 2020 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/flisbao-ciandt/kritis

Links

Open Source Insights

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

type BuildEvent
type BuildProvenance
- func ExtractBuildProvenanceFromEvent(msg *pubsub.Message) ([]BuildProvenance, error)
type BuildResults
type BuildSource
type Config
type Signer
- func New(client metadata.ReadWriteClient, c *Config) Signer
- func (s Signer) ValidateAndSign(prov BuildProvenance, bps []v1beta1.BuildPolicy) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type BuildEvent ¶

type BuildEvent struct {
	ID      string
	Status  string
	Source  BuildSource
	Results BuildResults
}

type BuildProvenance ¶

type BuildProvenance struct {
	BuildID   string
	ImageRef  string
	BuiltFrom string
}

func ExtractBuildProvenanceFromEvent ¶

func ExtractBuildProvenanceFromEvent(msg *pubsub.Message) ([]BuildProvenance, error)

ExtractBuildProvenanceFromEvent extracts the build provenance from a Cloud Builder event. Return the list of images built and their build provenance. If the event does contain relevant buikld info (e.g., the build is not yet complete, or no images were produced) then 'nil' will be returned.

TODO this should validate the provenance in the pubsub message against the information in Container Analysis that is created by Cloud Builder.

type BuildResults ¶

type BuildResults struct {
	Images []struct {
		Name   string
		Digest string
	}
}

type BuildSource ¶

type BuildSource struct {
	RepoSource struct {
		RepoName   string
		ProjectID  string
		BranchName string
		TagName    string
		CommitSHA  string
	}
}

type Config ¶

type Config struct {
	Secret   secrets.Fetcher
	Validate buildpolicy.ValidateFunc
}

type Signer ¶

type Signer struct {
	// contains filtered or unexported fields
}

func New ¶

func New(client metadata.ReadWriteClient, c *Config) Signer

func (Signer) ValidateAndSign ¶

func (s Signer) ValidateAndSign(prov BuildProvenance, bps []v1beta1.BuildPolicy) error

ValidateAndSign validates builtFrom against the build policies and creates attestations for all authorities for the matching policies. Returns an error if creating an attestation for any authority fails.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL