Documentation
Index
- func DeleteSecret(ctx context.Context, attester *rodev1alpha1.Attester, c client.Client, ...) error
- func NewAttestWrapper(log logr.Logger, delegate occurrence.Creator, lister occurrence.Lister, ...) occurrence.Creator
- type AttestRequest
- type AttestResponse
- type Attester
- type Lister
- type Policy
- type Signer
- type VerifyRequest
- type Violation
- type ViolationError
Constants
This section is empty.
Variables
This section is empty.
Functions
func DeleteSecret (added in v0.2.0)
func DeleteSecret(ctx context.Context, attester *rodev1alpha1.Attester, c client.Client, namespacedName types.NamespacedName) error
DeleteSecret uses the Kubernetes client library to delete a named secret resource. The name and namespace parameters are used to find the secret. The function returns an error if the deletion fails.
func NewAttestWrapper
func NewAttestWrapper(log logr.Logger, delegate occurrence.Creator, lister occurrence.Lister, attesterLister Lister) occurrence.Creator
NewAttestWrapper creates a Creator that also performs attestation.
Types
type AttestRequest
type AttestRequest struct {
	ResourceURI string
	Occurrences []*grafeas.Occurrence
}
AttestRequest contains the request for the attester.
type AttestResponse
type AttestResponse struct {
Attestation *grafeas.Occurrence
}
AttestResponse contains the response from the attester.
type Attester
type Attester interface {
	Attest(ctx context.Context, req *AttestRequest) (*AttestResponse, error)
	Verify(ctx context.Context, req *VerifyRequest) error
	String() string
}
Attester performs attestation. Returns `ok` if an attestation is created.
type Policy
type Policy interface {
	Evaluate(context.Context, interface{}) []*Violation
	Serialize(out io.Writer) error
}
Policy is the interface for managing policy.
type Signer
type Signer interface {
	Sign(string) (string, error)
	Verify(string) (string, error)
	KeyID() string
	Serialize(out io.Writer) error
}
Signer is the interface for managing GPG signing.
func NewSecret (added in v0.2.0)
func NewSecret(ctx context.Context, attester *rodev1alpha1.Attester, client client.Client, namespacedName types.NamespacedName) (Signer, error)
NewSecret uses the Kubernetes client library to create a new secret resource. The name parameter is used to name the secret, and the namespace parameter designates the namespace in which the secret is created. The function returns a Signer object to be used by the reconcile loop.
type VerifyRequest
type VerifyRequest struct {
Occurrence *grafeas.Occurrence
}
VerifyRequest contains the request for the attester.
type Violation
Violation describes a violation.
func NewViolation
func NewViolation(raw interface{}) *Violation
NewViolation creates a new Violation from a raw value.
type ViolationError (added in v0.2.0)
type ViolationError struct {
Violations []*Violation
}
func (ViolationError) Error (added in v0.2.0)
func (ve ViolationError) Error() string