Documentation ¶
Index ¶
- Constants
- Variables
- func AbsoluteReference(repo *git.Repository, target string) (string, error)
- func ApplyCommit(repo *git.Repository, commit *object.Commit, curRef *plumbing.Reference) (plumbing.Hash, error)
- func ApplyTag(repo *git.Repository, tag *object.Tag) (plumbing.Hash, error)
- func CloneAndFetch(ctx context.Context, remoteURL, dir, initialBranch string, refs []string) (*git.Repository, error)
- func CloneAndFetchToMemory(ctx context.Context, remoteURL, initialBranch string, refs []string) (*git.Repository, error)
- func Commit(repo *git.Repository, treeHash plumbing.Hash, targetRef string, message string, ...) (plumbing.Hash, error)
- func CommitUsingSpecificKey(repo *git.Repository, treeHash plumbing.Hash, targetRef, message string, ...) (plumbing.Hash, error)
- func CreateCommitObject(gitConfig *config.Config, treeHash plumbing.Hash, parentHashes []plumbing.Hash, ...) *object.Commit
- func CreateTagObject(gitConfig *config.Config, targetObj object.Object, name, message string, ...) *object.Tag
- func EmptyBlob() plumbing.Hash
- func EmptyTree() plumbing.Hash
- func Fetch(ctx context.Context, repo *git.Repository, remoteName string, refs []string, ...) error
- func FetchRefSpec(ctx context.Context, repo *git.Repository, remoteName string, ...) error
- func GetAllFilesInTree(tree *object.Tree) (map[string]plumbing.Hash, error)
- func GetBlob(repo *git.Repository, blobID plumbing.Hash) (*object.Blob, error)
- func GetCommit(repo *git.Repository, commitID plumbing.Hash) (*object.Commit, error)
- func GetCommitFilePaths(commit *object.Commit) ([]string, error)
- func GetCommitsBetweenRange(repo *git.Repository, commitNewID, commitOldID plumbing.Hash) ([]*object.Commit, error)
- func GetDiffFilePaths(commitA, commitB *object.Commit) ([]string, error)
- func GetFilePathsChangedByCommit(repo *git.Repository, commit *object.Commit) ([]string, error)
- func GetSigningCommand() (string, []string, error)
- func GetTag(repo *git.Repository, tagID plumbing.Hash) (*object.Tag, error)
- func GetTip(repo *git.Repository, refName string) (plumbing.Hash, error)
- func GetTree(repo *git.Repository, treeID plumbing.Hash) (*object.Tree, error)
- func IsTag(repo *git.Repository, target string) bool
- func KnowsCommit(repo *git.Repository, commitID plumbing.Hash, commit *object.Commit) (bool, error)
- func Push(ctx context.Context, repo *git.Repository, remoteName string, refs []string) error
- func PushRefSpec(ctx context.Context, repo *git.Repository, remoteName string, ...) error
- func ReadBlob(repo *git.Repository, blobID plumbing.Hash) ([]byte, error)
- func RefSpec(repo *git.Repository, refName, remoteName string, fastForwardOnly bool) (config.RefSpec, error)
- func RemoteRef(refName, remoteName string) string
- func ResetCommit(repo *git.Repository, refName string, commitID plumbing.Hash) error
- func ResetDueToError(cause error, repo *git.Repository, refName string, commitID plumbing.Hash) error
- func Tag(repo *git.Repository, target plumbing.Hash, name, message string, sign bool) (plumbing.Hash, error)
- func VerifyCommitSignature(ctx context.Context, commit *object.Commit, key *tuf.Key) error
- func VerifyTagSignature(ctx context.Context, tag *object.Tag, key *tuf.Key) error
- func WriteBlob(repo *git.Repository, contents []byte) (plumbing.Hash, error)
- func WriteCommit(repo *git.Repository, commit *object.Commit) (plumbing.Hash, error)
- func WriteTag(repo *git.Repository, tag *object.Tag) (plumbing.Hash, error)
- func WriteTree(repo *git.Repository, entries []object.TreeEntry) (plumbing.Hash, error)
- type SigningMethod
- type TreeBuilder
Constants ¶
const ( DefaultSigningProgramGPG string = "gpg" DefaultSigningProgramSSH string = "ssh-keygen" DefaultSigningProgramX509 string = "gpgsm" )
const ( RefPrefix = "refs/" BranchRefPrefix = "refs/heads/" TagRefPrefix = "refs/tags/" RemoteRefPrefix = "refs/remotes/" )
const DefaultRemoteName = "origin"
Variables ¶
var ( ErrSigningKeyNotSpecified = errors.New("signing key not specified in git config") ErrUnknownSigningMethod = errors.New("unknown signing method (not one of gpg, ssh, x509)") ErrUnableToSign = errors.New("unable to sign Git object") ErrIncorrectVerificationKey = errors.New("incorrect key provided to verify signature") ErrVerifyingSigstoreSignature = errors.New("unable to verify Sigstore signature") ErrVerifyingSSHSignature = errors.New("unable to verify SSH signature") ErrInvalidSignature = errors.New("unable to parse signature / signature has unexpected header") )
var (
ErrReferenceNotFound = plumbing.ErrReferenceNotFound
)
var (
ErrTagAlreadyExists = errors.New("tag already exists")
)
var ErrWrittenBlobLengthMismatch = errors.New("length of blob written does not match length of contents")
Functions ¶
func AbsoluteReference ¶
AbsoluteReference returns the fully qualified reference path for the provided Git ref.
func ApplyCommit ¶
func ApplyCommit(repo *git.Repository, commit *object.Commit, curRef *plumbing.Reference) (plumbing.Hash, error)
ApplyCommit writes a commit object in the repository and updates the specified reference to point to the commit.
func ApplyTag ¶
ApplyTag sets the tag reference after the tag object is written to the repository's object store.
func CloneAndFetch ¶
func CloneAndFetch(ctx context.Context, remoteURL, dir, initialBranch string, refs []string) (*git.Repository, error)
CloneAndFetch clones a repository using the specified URL and additionally fetches the specified refs.
func CloneAndFetchToMemory ¶
func CloneAndFetchToMemory(ctx context.Context, remoteURL, initialBranch string, refs []string) (*git.Repository, error)
CloneAndFetchToMemory clones an in-memory repository using the specified URL and additionally fetches the specified refs.
func Commit ¶
func Commit(repo *git.Repository, treeHash plumbing.Hash, targetRef string, message string, sign bool) (plumbing.Hash, error)
Commit creates a new commit in the repo and sets targetRef's HEAD to the commit.
func CommitUsingSpecificKey ¶ added in v0.3.0
func CommitUsingSpecificKey(repo *git.Repository, treeHash plumbing.Hash, targetRef, message string, signingKeyPEMBytes []byte) (plumbing.Hash, error)
CommitUsingSpecificKey creates a new commit in the repository for the specified parameters. The commit is signed using the PEM encoded SSH or GPG private key. This function is expected for use in tests and gittuf's developer mode. In standard workflows, Commit() must be used instead which infers the signing key from the user's Git config.
func CreateCommitObject ¶
func CreateCommitObject(gitConfig *config.Config, treeHash plumbing.Hash, parentHashes []plumbing.Hash, message string, clock clockwork.Clock) *object.Commit
CreateCommitObject returns a commit object using the specified parameters.
func CreateTagObject ¶
func CreateTagObject(gitConfig *config.Config, targetObj object.Object, name, message string, clock clockwork.Clock) *object.Tag
CreateTagObject crafts and returns a new tag object using the specified parameters.
func EmptyBlob ¶
EmptyBlob returns the hash of an empty blob in a Git repository. Note: it is generated on the fly rather than stored as a constant to support SHA-256 repositories in future.
func EmptyTree ¶
EmptyTree returns the hash of an empty tree in a Git repository. Note: it is generated on the fly rather than stored as a constant to support SHA-256 repositories in future.
func Fetch ¶
func Fetch(ctx context.Context, repo *git.Repository, remoteName string, refs []string, fastForwardOnly bool) error
Fetch constructs refspecs for the refs and fetches to the repo from the specified remote. For more information on the Git refspec, please consult: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec.
The fastForwardOnly flag controls if the constructed refspec allows non-fast-forward fetches. The target of the refspec is the same as the requested ref. Also, the remote tracker for the ref is also always updated.
func FetchRefSpec ¶
func FetchRefSpec(ctx context.Context, repo *git.Repository, remoteName string, refs []config.RefSpec) error
FetchRefSpec fetches to the repo from the specified remote using pre-constructed refspecs. For more information on the Git refspec, please consult: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec.
func GetAllFilesInTree ¶ added in v0.2.0
GetAllFilesInTree returns all filepaths and the corresponding hash in the specified tree.
func GetCommitFilePaths ¶
GetCommitFilePaths returns all the file paths of the provided commit object. This strictly enumerates all the files recursively in the commit object's tree.
func GetCommitsBetweenRange ¶
func GetCommitsBetweenRange(repo *git.Repository, commitNewID, commitOldID plumbing.Hash) ([]*object.Commit, error)
GetCommitsBetweenRange returns the commits (including the new commit, excluding the old) between the specified ranges. If the old commit ID is set to zero, all commits reachable from the new commit are returned.
The returned commits are sorted by commit IDs. Ideally, they should be ordered by occurrence but go-git introduces some randomness here. It might be an effect of walking the graph anyway, so the sort by ID ensures the returned commit slice is deterministic.
func GetDiffFilePaths ¶
GetDiffFilePaths enumerates all the changed file paths between the two commits. If one of the commits is nil, the other commit's tree is enumerated.
func GetFilePathsChangedByCommit ¶
GetFilePathsChangedByCommit returns the paths changed by the commit relative to its parent commit. If the commit is a merge commit, i.e., it has more than one parent, check if the commit is the same as at least one of its parents. If there is a matching parent, we return no changes. If there is no matching parent commit, we return the changes between the commit and each of its parents.
func GetSigningCommand ¶
func KnowsCommit ¶
KnowsCommit indicates if the commit under test, identified by commitID, has a path to commit. If commit is the same as the commit under test or if commit is an ancestor of commit under test, KnowsCommit returns true.
func Push ¶
Push constructs refspecs for the specified Git refs and pushes from the repo to the remote. For more information on the Git refspec, please consult: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec.
The refspecs are constructed to be fast-forward only.
func PushRefSpec ¶
func PushRefSpec(ctx context.Context, repo *git.Repository, remoteName string, refs []config.RefSpec) error
PushRefSpec pushes from repo to the specified remote using pre-constructed refspecs. For more information on the Git refspec, please consult: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec.
All pushes are set to be atomic as the intent of using multiple refs is to sync the RSL.
func RefSpec ¶
func RefSpec(repo *git.Repository, refName, remoteName string, fastForwardOnly bool) (config.RefSpec, error)
RefSpec creates a Git refspec for the specified ref. For more information on the Git refspec, please consult: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec.
func ResetCommit ¶
ResetCommit sets a Git reference with the name refName to the commit specified by its hash as commitID. Note that the commit must already be in the repository's object store.
func ResetDueToError ¶
func ResetDueToError(cause error, repo *git.Repository, refName string, commitID plumbing.Hash) error
ResetDueToError is a helper used to reverse a change applied to a ref due to an error encountered after the change but part of the same operation. This ensures that gittuf operations are atomic. Otherwise, a repository may enter a violation state where a ref is updated without accompanying RSL entries or other metadata changes.
func Tag ¶
func Tag(repo *git.Repository, target plumbing.Hash, name, message string, sign bool) (plumbing.Hash, error)
Tag creates a new tag in the repository pointing to the specified target.
func VerifyCommitSignature ¶
VerifyCommitSignature is used to verify a cryptographic signature associated with commit using TUF public keys.
func VerifyTagSignature ¶
VerifyTagSignature is used to verify a cryptographic signature associated with tag using TUF public keys.
func WriteBlob ¶
WriteBlob creates a blob object with the specified contents and returns the ID of the resultant blob.
func WriteCommit ¶
WriteCommit stores the commit object in the repository's object store, returning the new commit's ID.
Types ¶
type SigningMethod ¶
type SigningMethod int
const ( SigningMethodGPG SigningMethod = iota SigningMethodSSH SigningMethodX509 )
type TreeBuilder ¶ added in v0.2.0
type TreeBuilder struct {
// contains filtered or unexported fields
}
TreeBuilder is used to create multi-level trees in a repository. Based on `buildTreeHelper` in go-git.
func NewTreeBuilder ¶ added in v0.2.0
func NewTreeBuilder(repo *git.Repository) *TreeBuilder
NewTreeBuilder returns a TreeBuilder instance for the repository.
func (*TreeBuilder) WriteRootTreeFromBlobIDs ¶ added in v0.2.0
func (t *TreeBuilder) WriteRootTreeFromBlobIDs(files map[string]plumbing.Hash) (plumbing.Hash, error)
WriteRootTreeFromBlobIDs accepts a map of paths to their blob IDs and returns the root tree ID that contains these files.