gateways

package
v0.0.0-...-5b0a192 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 10, 2025 License: MIT Imports: 28 Imported by: 0

Documentation

Overview

Package gateways provides adapter implementations for external services and tools.

Package gateways provides implementations of domain gateway interfaces.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewBinaryAnalyzerGateway 

func NewBinaryAnalyzerGateway() *binaryAnalyzerGateway

NewBinaryAnalyzerGateway creates a new binary analyzer gateway

func NewChecksumVerifier 

func NewChecksumVerifier() *checksumVerifier

NewChecksumVerifier creates a new checksum verifier

func NewCompositeSecurityGateway 

func NewCompositeSecurityGateway() gateways.SecurityGateway

NewCompositeSecurityGateway creates a new composite security gateway with all dependencies

func NewCompositeSecurityGatewayWithDeps 

func NewCompositeSecurityGatewayWithDeps(
	osv *osvGateway,
	sbom *sbomGenerator,
	analyzer *binaryAnalyzerGateway,
	checksum *checksumVerifier,
	gpg *gpgVerifier,
) gateways.SecurityGateway

NewCompositeSecurityGatewayWithDeps creates a composite gateway with custom dependencies This is useful for testing or when you want to inject specific implementations

func NewGPGVerifier 

func NewGPGVerifier() *gpgVerifier

NewGPGVerifier creates a new GPG verifier gateway

func NewOSVGateway 

func NewOSVGateway() *osvGateway

NewOSVGateway creates a new OSV gateway

func NewSBOMGenerator 

func NewSBOMGenerator() *sbomGenerator

NewSBOMGenerator creates a new SBOM generator gateway

Types

type ArtifactFinder 

type ArtifactFinder struct{}

ArtifactFinder provides utilities for locating build artifacts

func NewArtifactFinder 

func NewArtifactFinder() *ArtifactFinder

NewArtifactFinder creates a new artifact finder

func (*ArtifactFinder) FindByGlob 

func (f *ArtifactFinder) FindByGlob(binariesDir, packageName, version string) ([]string, error)

FindByGlob searches using glob patterns for package artifacts

func (*ArtifactFinder) FindRecursive 

func (f *ArtifactFinder) FindRecursive(artifactsDir, packageName, version string) ([]string, error)

FindRecursive searches recursively for package artifacts Finds: .tar.gz, .sha256, .sha512, .sbom.json, .provenance.json

type Downloader 

type Downloader struct {
	// contains filtered or unexported fields
}

Downloader handles downloading artifacts from URLs

func NewDownloader 

func NewDownloader() *Downloader

NewDownloader creates a new downloader

func (*Downloader) BuildDownloadURL 

func (d *Downloader) BuildDownloadURL(template, version string, platformConfig *entities.PlatformConfig) string

BuildDownloadURL performs template substitution (exported for testing)

func (*Downloader) DownloadArtifact 

func (d *Downloader) DownloadArtifact(def *entities.Recipe, version, platform, outputDir string) (*entities.Artifact, error)

DownloadArtifact downloads an artifact based on recipe and platform

type ExecuteResult 

type ExecuteResult struct {
	Success  bool
	ExitCode int
	Stdout   string
	Stderr   string
	Duration time.Duration
	Error    error
}

ExecuteResult contains the result of script execution

type ExecuteScriptConfig 

type ExecuteScriptConfig struct {
	Script      string
	WorkingDir  string
	Env         map[string]string
	Timeout     time.Duration
	Description string
}

ExecuteScriptConfig contains configuration for executing a shell script.

type GitHubRelease 

type GitHubRelease struct {
	TagName    string `json:"tag_name"`
	Name       string `json:"name"`
	Prerelease bool   `json:"prerelease"`
	Draft      bool   `json:"draft"`
}

GitHubRelease represents a GitHub release

type GitHubTag 

type GitHubTag struct {
	Name string `json:"name"`
	Ref  string `json:"ref"`
}

GitHubTag represents a GitHub tag

type HTTPGitHubGateway 

type HTTPGitHubGateway struct {
	// contains filtered or unexported fields
}

HTTPGitHubGateway implements GitHubGateway using standard HTTP client

func NewHTTPGitHubGateway 

func NewHTTPGitHubGateway(token string) *HTTPGitHubGateway

NewHTTPGitHubGateway creates a new GitHub gateway with HTTP client

func (*HTTPGitHubGateway) CreateRelease 

func (g *HTTPGitHubGateway) CreateRelease(ctx context.Context, owner, repo string, release *gateways.GitHubRelease) (*gateways.GitHubRelease, error)

CreateRelease creates a new GitHub release

func (*HTTPGitHubGateway) GetRelease 

func (g *HTTPGitHubGateway) GetRelease(ctx context.Context, owner, repo, tag string) (*gateways.GitHubRelease, error)

GetRelease retrieves a release by tag name

func (*HTTPGitHubGateway) ListReleaseAssets 

func (g *HTTPGitHubGateway) ListReleaseAssets(ctx context.Context, owner, repo string, releaseID int64) ([]*gateways.GitHubAsset, error)

ListReleaseAssets lists all assets for a release

func (*HTTPGitHubGateway) ListReleases 

func (g *HTTPGitHubGateway) ListReleases(ctx context.Context, owner, repo string) ([]*gateways.GitHubRelease, error)

ListReleases lists all releases in a repository

func (*HTTPGitHubGateway) UploadAsset 

func (g *HTTPGitHubGateway) UploadAsset(ctx context.Context, uploadURL, filename string, content io.Reader) (*gateways.GitHubAsset, error)

UploadAsset uploads a file to a release

type OSVPackage 

type OSVPackage struct {
	Name      string `json:"name"`
	Ecosystem string `json:"ecosystem"`
}

OSVPackage identifies a software package in a specific ecosystem.

type OSVQueryRequest 

type OSVQueryRequest struct {
	Package OSVPackage `json:"package"`
	Version string     `json:"version"`
}

OSVQueryRequest represents a query to the OSV API for vulnerability information.

type OSVQueryResponse 

type OSVQueryResponse struct {
	Vulns []OSVVulnerability `json:"vulns"`
}

OSVQueryResponse contains the vulnerability results from the OSV API.

type OSVSeverity 

type OSVSeverity struct {
	Type  string `json:"type"`
	Score string `json:"score"`
}

OSVSeverity contains severity scoring information for a vulnerability.

type OSVVulnerability 

type OSVVulnerability struct {
	ID       string        `json:"id"`
	Summary  string        `json:"summary"`
	Details  string        `json:"details"`
	Severity []OSVSeverity `json:"severity,omitempty"`
}

OSVVulnerability represents a single vulnerability from the OSV database.

type Packager 

type Packager struct{}

Packager handles packaging built binaries into distributable archives

func NewPackager 

func NewPackager() *Packager

NewPackager creates a new packager

func (*Packager) PackageArtifact 

func (p *Packager) PackageArtifact(
	_ context.Context,
	def *entities.Recipe,
	artifact *entities.Artifact,
	version, platform, outputDir string,
) (*entities.Artifact, error)

PackageArtifact packages built binaries into a tar.gz archive Returns a new artifact pointing to the packaged tar.gz file

type ScriptExecutor 

type ScriptExecutor struct {
	// contains filtered or unexported fields
}

ScriptExecutor handles execution of build scripts

func NewScriptExecutor 

func NewScriptExecutor() *ScriptExecutor

NewScriptExecutor creates a new script executor

func (*ScriptExecutor) ExecuteBuildScripts 

func (se *ScriptExecutor) ExecuteBuildScripts(
	ctx context.Context,
	def *entities.Recipe,
	artifact *entities.Artifact,
	outputDir string,
) error

ExecuteBuildScripts executes all build-related scripts for a package

func (*ScriptExecutor) ExecuteScript 

func (se *ScriptExecutor) ExecuteScript(ctx context.Context, config ExecuteScriptConfig) *ExecuteResult

ExecuteScript runs a shell script with the given configuration

func (*ScriptExecutor) ValidateScript 

func (se *ScriptExecutor) ValidateScript(script string) error

ValidateScript performs basic validation on a shell script

type SecurityGatewayAdapter 

type SecurityGatewayAdapter struct {
	// contains filtered or unexported fields
}

SecurityGatewayAdapter implements the SecurityGateway interface

func NewSecurityGatewayAdapter 

func NewSecurityGatewayAdapter(logger interfaces.Logger) *SecurityGatewayAdapter

NewSecurityGatewayAdapter creates a new security gateway adapter

func (*SecurityGatewayAdapter) AnalyzeBinaryHardening 

func (s *SecurityGatewayAdapter) AnalyzeBinaryHardening(_ context.Context, _, _ string) (*entities.BinaryAnalysis, error)

AnalyzeBinaryHardening analyzes binary hardening features

func (*SecurityGatewayAdapter) GenerateSBOM 

func (s *SecurityGatewayAdapter) GenerateSBOM(_ context.Context, _ *entities.Artifact) (*entities.SBOM, error)

GenerateSBOM generates Software Bill of Materials

func (*SecurityGatewayAdapter) ImportGPGKeys 

func (s *SecurityGatewayAdapter) ImportGPGKeys(ctx context.Context, keyIDs []string) error

ImportGPGKeys imports GPG keys from keyservers

func (*SecurityGatewayAdapter) ImportGPGKeysFromURL 

func (s *SecurityGatewayAdapter) ImportGPGKeysFromURL(ctx context.Context, keysURL string) error

ImportGPGKeysFromURL imports GPG keys from a URL

func (*SecurityGatewayAdapter) ScanWithOSV 

func (s *SecurityGatewayAdapter) ScanWithOSV(_ context.Context, _ *entities.Artifact) (*entities.SecurityReport, error)

ScanWithOSV scans artifact with OSV

func (*SecurityGatewayAdapter) VerifyChecksum 

func (s *SecurityGatewayAdapter) VerifyChecksum(_ context.Context, filePath, expectedSum string) error

VerifyChecksum verifies file checksum

func (*SecurityGatewayAdapter) VerifyCosignSignature 

func (s *SecurityGatewayAdapter) VerifyCosignSignature(ctx context.Context, filePath, signaturePath, certPath string) error

VerifyCosignSignature verifies Cosign/Sigstore signature

func (*SecurityGatewayAdapter) VerifyGPGSignature 

func (s *SecurityGatewayAdapter) VerifyGPGSignature(ctx context.Context, filePath, sigURL string) error

VerifyGPGSignature verifies GPG signature

func (*SecurityGatewayAdapter) VerifyGitHubAttestation 

func (s *SecurityGatewayAdapter) VerifyGitHubAttestation(ctx context.Context, filePath, attestationPath string) error

VerifyGitHubAttestation verifies GitHub attestation

func (*SecurityGatewayAdapter) VerifyInstalledPackage 

func (s *SecurityGatewayAdapter) VerifyInstalledPackage(_ context.Context, packageName, installPath string) error

VerifyInstalledPackage performs runtime verification of installed package

type VersionFetcher 

type VersionFetcher struct {
	// contains filtered or unexported fields
}

VersionFetcher handles fetching latest versions from various sources

func NewVersionFetcher 

func NewVersionFetcher() *VersionFetcher

NewVersionFetcher creates a new version fetcher

func (*VersionFetcher) FetchLatestVersion 

func (vf *VersionFetcher) FetchLatestVersion(def *entities.Recipe) (string, error)

FetchLatestVersion fetches the latest version based on the version.source field

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.