application_snapshot_image

package
v0.0.0-...-06b94e1
Warning

This package is not in the latest version of its module.

Published: Mar 28, 2023 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	EV001 = ece.NewError("EV001", "No attestation data", ece.ErrorExitStatus)
	EV002 = ece.NewError("EV002", "Unable to decode attestation data from attestation image", ece.ErrorExitStatus)
	EV003 = ece.NewError("EV003", "Attestation syntax validation failed", ece.ErrorExitStatus)
)

Functions

func WithClient

func WithClient(ctx context.Context, client Client) context.Context

Types

type ApplicationSnapshotImage

type ApplicationSnapshotImage struct {
	Evaluators []evaluator.Evaluator
	// contains filtered or unexported fields
}

ApplicationSnapshotImage represents the structure needed to evaluate an Application Snapshot Image

func NewApplicationSnapshotImage

func NewApplicationSnapshotImage(ctx context.Context, url string, p policy.Policy) (*ApplicationSnapshotImage, error)

NewApplicationSnapshotImage returns an ApplicationSnapshotImage struct with reference, checkOpts, and evaluator ready to use.

func (*ApplicationSnapshotImage) Attestations

Attestations returns the value of the attestations field of the ApplicationSnapshotImage struct

func (*ApplicationSnapshotImage) FilterMatchingAttestations

func (a *ApplicationSnapshotImage) FilterMatchingAttestations(ctx context.Context)

FilterMatchingAttestations ignores attestations that do not have a matching subject.

func (*ApplicationSnapshotImage) SetImageURL

func (a *ApplicationSnapshotImage) SetImageURL(url string) error

func (*ApplicationSnapshotImage) Signatures

func (*ApplicationSnapshotImage) ValidateAttestationSignature

func (a *ApplicationSnapshotImage) ValidateAttestationSignature(ctx context.Context) error

ValidateAttestationSignature executes the cosign.VerifyImageAttestations method

func (ApplicationSnapshotImage) ValidateAttestationSyntax

func (a ApplicationSnapshotImage) ValidateAttestationSyntax(ctx context.Context) error

ValidateAttestationSyntax validates the attestations against known JSON schemas. It returns an error if there are no attestations to check, so that a syntax check of no inputs cannot succeed. [ValidateAttestationSignature] must be invoked first to prefill the attestations.

func (*ApplicationSnapshotImage) ValidateImageAccess

func (a *ApplicationSnapshotImage) ValidateImageAccess(ctx context.Context) error

ValidateImageAccess executes the remote.Head method on the ApplicationSnapshotImage image ref

func (*ApplicationSnapshotImage) ValidateImageSignature

func (a *ApplicationSnapshotImage) ValidateImageSignature(ctx context.Context) error

ValidateImageSignature executes the cosign.VerifyImageSignature method on the ApplicationSnapshotImage image ref.

func (*ApplicationSnapshotImage) WriteInputFile

func (a *ApplicationSnapshotImage) WriteInputFile(ctx context.Context) (string, error)

WriteInputFile writes the JSON from the attestations to input.json in a random temp dir

type Client

type Client interface {
	VerifyImageSignatures(context.Context, name.Reference, *cosign.CheckOpts) ([]oci.Signature, bool, error)
	VerifyImageAttestations(context.Context, name.Reference, *cosign.CheckOpts) ([]oci.Signature, bool, error)
	Head(name.Reference, ...remote.Option) (*gcr.Descriptor, error)
}

Client is an interface that contains all the external calls used by the application_snapshot_image package.

func NewClient

func NewClient(ctx context.Context) Client

NewClient constructs a new application_snapshot_image with the default client.
