Documentation
¶
Index ¶
- Constants
- Variables
- func AllowInsecureFeatureVerification() bool
- func EnsureHostLifecycleAllowed(command spec.LifecycleCommand, allow bool) error
- func EnsureWorkspaceTrust(resolved devcontainer.ResolvedConfig, trusted bool) error
- func HostLifecycleTrustRequired(command spec.LifecycleCommand) bool
- func SetIsTerminalForTest(check func(int) bool) func()
- func WorkspaceTrustRequiredForSpec(workspaceSpec spec.WorkspaceSpec) bool
- type ImageVerificationPolicy
- func (p *ImageVerificationPolicy) ApplyFeature(source string, result security.VerificationResult, allowUnverified bool, ...) error
- func (p *ImageVerificationPolicy) ApplyImage(result security.VerificationResult, events ui.Sink) error
- func (p *ImageVerificationPolicy) Approved(ref string) bool
- func (p *ImageVerificationPolicy) Check(ctx context.Context, ref string) security.VerificationResult
- func (p *ImageVerificationPolicy) CloneWithIO(stdin io.Reader, stderr io.Writer) *ImageVerificationPolicy
- func (p *ImageVerificationPolicy) DisablePrompt()
- func (p *ImageVerificationPolicy) SetTrustedSigners(signers []security.TrustedSigner)
- func (p *ImageVerificationPolicy) TrustRefs(refs ...string)
- func (p *ImageVerificationPolicy) TrustedRefs() []string
- type VerificationPrompter
Constants ¶
View Source
const TrustWorkspaceEnvVar = "HATCHCTL_TRUST_WORKSPACE"
Variables ¶
View Source
var ErrHostLifecycleNotAllowed = errors.New("host lifecycle commands require explicit trust")
View Source
var ErrWorkspaceTrustRequired = errors.New("workspace requires explicit trust for repo-controlled container backend settings")
Functions ¶
func AllowInsecureFeatureVerification ¶
func AllowInsecureFeatureVerification() bool
func EnsureHostLifecycleAllowed ¶
func EnsureHostLifecycleAllowed(command spec.LifecycleCommand, allow bool) error
func EnsureWorkspaceTrust ¶
func EnsureWorkspaceTrust(resolved devcontainer.ResolvedConfig, trusted bool) error
func HostLifecycleTrustRequired ¶
func HostLifecycleTrustRequired(command spec.LifecycleCommand) bool
func SetIsTerminalForTest ¶
func WorkspaceTrustRequiredForSpec ¶
func WorkspaceTrustRequiredForSpec(workspaceSpec spec.WorkspaceSpec) bool
Types ¶
type ImageVerificationPolicy ¶
type ImageVerificationPolicy struct {
// contains filtered or unexported fields
}
func NewImageVerificationPolicy ¶
func NewImageVerificationPolicy(stdin io.Reader, stderr io.Writer) *ImageVerificationPolicy
func NewImageVerificationPolicyWithPrompt ¶
func NewImageVerificationPolicyWithPrompt(strict bool, prompt VerificationPrompter, trustedRefs ...string) *ImageVerificationPolicy
func (*ImageVerificationPolicy) ApplyFeature ¶
func (p *ImageVerificationPolicy) ApplyFeature(source string, result security.VerificationResult, allowUnverified bool, events ui.Sink) error
func (*ImageVerificationPolicy) ApplyImage ¶
func (p *ImageVerificationPolicy) ApplyImage(result security.VerificationResult, events ui.Sink) error
func (*ImageVerificationPolicy) Approved ¶
func (p *ImageVerificationPolicy) Approved(ref string) bool
func (*ImageVerificationPolicy) Check ¶
func (p *ImageVerificationPolicy) Check(ctx context.Context, ref string) security.VerificationResult
func (*ImageVerificationPolicy) CloneWithIO ¶
func (p *ImageVerificationPolicy) CloneWithIO(stdin io.Reader, stderr io.Writer) *ImageVerificationPolicy
func (*ImageVerificationPolicy) DisablePrompt ¶ added in v0.6.8
func (p *ImageVerificationPolicy) DisablePrompt()
func (*ImageVerificationPolicy) SetTrustedSigners ¶ added in v0.6.13
func (p *ImageVerificationPolicy) SetTrustedSigners(signers []security.TrustedSigner)
func (*ImageVerificationPolicy) TrustRefs ¶ added in v0.6.8
func (p *ImageVerificationPolicy) TrustRefs(refs ...string)
func (*ImageVerificationPolicy) TrustedRefs ¶ added in v0.6.8
func (p *ImageVerificationPolicy) TrustedRefs() []string
type VerificationPrompter ¶
func NewVerificationPrompter ¶
func NewVerificationPrompter(stdin io.Reader, stderr io.Writer) VerificationPrompter
Source Files
Click to show internal directories.
Click to hide internal directories.