Documentation ¶
Index ¶
- Variables
- type Details
- type InToto
- func (*InToto) Descriptor() ([]byte, []int)deprecated
- func (x *InToto) GetExpectedCommand() []string
- func (x *InToto) GetExpectedMaterials() []*InToto_ArtifactRule
- func (x *InToto) GetExpectedProducts() []*InToto_ArtifactRule
- func (x *InToto) GetSigningKeys() []*SigningKey
- func (x *InToto) GetStepName() string
- func (x *InToto) GetThreshold() int64
- func (*InToto) ProtoMessage()
- func (x *InToto) ProtoReflect() protoreflect.Message
- func (x *InToto) Reset()
- func (x *InToto) String() string
- type InToto_ArtifactRule
- func (*InToto_ArtifactRule) Descriptor() ([]byte, []int)deprecated
- func (x *InToto_ArtifactRule) GetArtifactRule() []string
- func (*InToto_ArtifactRule) ProtoMessage()
- func (x *InToto_ArtifactRule) ProtoReflect() protoreflect.Message
- func (x *InToto_ArtifactRule) Reset()
- func (x *InToto_ArtifactRule) String() string
- type Link
- func (*Link) Descriptor() ([]byte, []int)deprecated
- func (x *Link) GetByproducts() *Link_ByProducts
- func (x *Link) GetEffectiveCommand() []string
- func (x *Link) GetEnvironment() *Link_Environment
- func (x *Link) GetMaterials() []*Link_Artifact
- func (x *Link) GetProducts() []*Link_Artifact
- func (*Link) ProtoMessage()
- func (x *Link) ProtoReflect() protoreflect.Message
- func (x *Link) Reset()
- func (x *Link) String() string
- type Link_Artifact
- func (*Link_Artifact) Descriptor() ([]byte, []int)deprecated
- func (x *Link_Artifact) GetHashes() *Link_ArtifactHashes
- func (x *Link_Artifact) GetResourceUri() string
- func (*Link_Artifact) ProtoMessage()
- func (x *Link_Artifact) ProtoReflect() protoreflect.Message
- func (x *Link_Artifact) Reset()
- func (x *Link_Artifact) String() string
- type Link_ArtifactHashes
- func (*Link_ArtifactHashes) Descriptor() ([]byte, []int)deprecated
- func (x *Link_ArtifactHashes) GetSha256() string
- func (*Link_ArtifactHashes) ProtoMessage()
- func (x *Link_ArtifactHashes) ProtoReflect() protoreflect.Message
- func (x *Link_ArtifactHashes) Reset()
- func (x *Link_ArtifactHashes) String() string
- type Link_ByProducts
- func (*Link_ByProducts) Descriptor() ([]byte, []int)deprecated
- func (x *Link_ByProducts) GetCustomValues() map[string]string
- func (*Link_ByProducts) ProtoMessage()
- func (x *Link_ByProducts) ProtoReflect() protoreflect.Message
- func (x *Link_ByProducts) Reset()
- func (x *Link_ByProducts) String() string
- type Link_Environment
- func (*Link_Environment) Descriptor() ([]byte, []int)deprecated
- func (x *Link_Environment) GetCustomValues() map[string]string
- func (*Link_Environment) ProtoMessage()
- func (x *Link_Environment) ProtoReflect() protoreflect.Message
- func (x *Link_Environment) Reset()
- func (x *Link_Environment) String() string
- type Signature
- type SigningKey
- func (*SigningKey) Descriptor() ([]byte, []int)deprecated
- func (x *SigningKey) GetKeyId() string
- func (x *SigningKey) GetKeyScheme() string
- func (x *SigningKey) GetKeyType() string
- func (x *SigningKey) GetPublicKeyValue() string
- func (*SigningKey) ProtoMessage()
- func (x *SigningKey) ProtoReflect() protoreflect.Message
- func (x *SigningKey) Reset()
- func (x *SigningKey) String() string
Constants ¶
This section is empty.
Variables ¶
var File_proto_v1beta1_intoto_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Details ¶
type Details struct { Signatures []*Signature `protobuf:"bytes,1,rep,name=signatures,proto3" json:"signatures,omitempty"` Link *Link `protobuf:"bytes,2,opt,name=link,json=signed,proto3" json:"link,omitempty"` // contains filtered or unexported fields }
This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself. This is used for occurrences of a Grafeas in-toto note.
func (*Details) Descriptor
deprecated
func (*Details) GetSignatures ¶
func (*Details) ProtoMessage ¶
func (*Details) ProtoMessage()
func (*Details) ProtoReflect ¶
func (x *Details) ProtoReflect() protoreflect.Message
type InToto ¶
type InToto struct { // This field identifies the name of the step in the supply chain. StepName string `protobuf:"bytes,1,opt,name=step_name,json=stepName,proto3" json:"step_name,omitempty"` // This field contains the public keys that can be used to verify the // signatures on the step metadata. SigningKeys []*SigningKey `protobuf:"bytes,2,rep,name=signing_keys,json=signingKeys,proto3" json:"signing_keys,omitempty"` // The following fields contain in-toto artifact rules identifying the // artifacts that enter this supply chain step, and exit the supply chain // step, i.e. materials and products of the step. ExpectedMaterials []*InToto_ArtifactRule `protobuf:"bytes,3,rep,name=expected_materials,json=expectedMaterials,proto3" json:"expected_materials,omitempty"` ExpectedProducts []*InToto_ArtifactRule `protobuf:"bytes,4,rep,name=expected_products,json=expectedProducts,proto3" json:"expected_products,omitempty"` // This field contains the expected command used to perform the step. ExpectedCommand []string `protobuf:"bytes,5,rep,name=expected_command,json=expectedCommand,proto3" json:"expected_command,omitempty"` // This field contains a value that indicates the minimum number of keys that // need to be used to sign the step's in-toto link. Threshold int64 `protobuf:"varint,6,opt,name=threshold,proto3" json:"threshold,omitempty"` // contains filtered or unexported fields }
This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout. This information goes into a Grafeas note.
func (*InToto) Descriptor
deprecated
func (*InToto) GetExpectedCommand ¶
func (*InToto) GetExpectedMaterials ¶
func (x *InToto) GetExpectedMaterials() []*InToto_ArtifactRule
func (*InToto) GetExpectedProducts ¶
func (x *InToto) GetExpectedProducts() []*InToto_ArtifactRule
func (*InToto) GetSigningKeys ¶
func (x *InToto) GetSigningKeys() []*SigningKey
func (*InToto) GetStepName ¶
func (*InToto) GetThreshold ¶
func (*InToto) ProtoMessage ¶
func (*InToto) ProtoMessage()
func (*InToto) ProtoReflect ¶
func (x *InToto) ProtoReflect() protoreflect.Message
type InToto_ArtifactRule ¶
type InToto_ArtifactRule struct { ArtifactRule []string `protobuf:"bytes,1,rep,name=artifact_rule,json=artifactRule,proto3" json:"artifact_rule,omitempty"` // contains filtered or unexported fields }
Defines an object to declare an in-toto artifact rule
func (*InToto_ArtifactRule) Descriptor
deprecated
func (*InToto_ArtifactRule) Descriptor() ([]byte, []int)
Deprecated: Use InToto_ArtifactRule.ProtoReflect.Descriptor instead.
func (*InToto_ArtifactRule) GetArtifactRule ¶
func (x *InToto_ArtifactRule) GetArtifactRule() []string
func (*InToto_ArtifactRule) ProtoMessage ¶
func (*InToto_ArtifactRule) ProtoMessage()
func (*InToto_ArtifactRule) ProtoReflect ¶
func (x *InToto_ArtifactRule) ProtoReflect() protoreflect.Message
func (*InToto_ArtifactRule) Reset ¶
func (x *InToto_ArtifactRule) Reset()
func (*InToto_ArtifactRule) String ¶
func (x *InToto_ArtifactRule) String() string
type Link ¶
type Link struct { // This field contains the full command executed for the step. This can also // be empty if links are generated for operations that aren't directly mapped // to a specific command. Each term in the command is an independent string // in the list. An example of a command in the in-toto metadata field is: // "command": ["git", "clone", "https://github.com/in-toto/demo-project.git"] EffectiveCommand []string `protobuf:"bytes,1,rep,name=effective_command,json=command,proto3" json:"effective_command,omitempty"` // Materials are the supply chain artifacts that go into the step and are used // for the operation performed. The key of the map is the path of the artifact // and the structure contains the recorded hash information. An example is: // "materials": [ // { // "resource_uri": "foo/bar", // "hashes": { // "sha256": "ebebf...", // <OTHER HASH ALGORITHMS>: <HASH VALUE> // } // } // ] Materials []*Link_Artifact `protobuf:"bytes,2,rep,name=materials,proto3" json:"materials,omitempty"` // Products are the supply chain artifacts generated as a result of the step. // The structure is identical to that of materials. Products []*Link_Artifact `protobuf:"bytes,3,rep,name=products,proto3" json:"products,omitempty"` // ByProducts are data generated as part of a software supply chain step, but // are not the actual result of the step. Byproducts *Link_ByProducts `protobuf:"bytes,4,opt,name=byproducts,proto3" json:"byproducts,omitempty"` // This is a field that can be used to capture information about the // environment. It is suggested for this field to contain information that // details environment variables, filesystem information, and the present // working directory. The recommended structure of this field is: // "environment": { // "custom_values": { // "variables": "<ENV>", // "filesystem": "<FS>", // "workdir": "<CWD>", // "<ANY OTHER RELEVANT FIELDS>": "..." // } // } Environment *Link_Environment `protobuf:"bytes,5,opt,name=environment,proto3" json:"environment,omitempty"` // contains filtered or unexported fields }
This corresponds to an in-toto link.
func (*Link) Descriptor
deprecated
func (*Link) GetByproducts ¶
func (x *Link) GetByproducts() *Link_ByProducts
func (*Link) GetEffectiveCommand ¶
func (*Link) GetEnvironment ¶
func (x *Link) GetEnvironment() *Link_Environment
func (*Link) GetMaterials ¶
func (x *Link) GetMaterials() []*Link_Artifact
func (*Link) GetProducts ¶
func (x *Link) GetProducts() []*Link_Artifact
func (*Link) ProtoMessage ¶
func (*Link) ProtoMessage()
func (*Link) ProtoReflect ¶
func (x *Link) ProtoReflect() protoreflect.Message
type Link_Artifact ¶
type Link_Artifact struct { ResourceUri string `protobuf:"bytes,1,opt,name=resource_uri,json=resourceUri,proto3" json:"resource_uri,omitempty"` Hashes *Link_ArtifactHashes `protobuf:"bytes,2,opt,name=hashes,proto3" json:"hashes,omitempty"` // contains filtered or unexported fields }
func (*Link_Artifact) Descriptor
deprecated
func (*Link_Artifact) Descriptor() ([]byte, []int)
Deprecated: Use Link_Artifact.ProtoReflect.Descriptor instead.
func (*Link_Artifact) GetHashes ¶
func (x *Link_Artifact) GetHashes() *Link_ArtifactHashes
func (*Link_Artifact) GetResourceUri ¶
func (x *Link_Artifact) GetResourceUri() string
func (*Link_Artifact) ProtoMessage ¶
func (*Link_Artifact) ProtoMessage()
func (*Link_Artifact) ProtoReflect ¶
func (x *Link_Artifact) ProtoReflect() protoreflect.Message
func (*Link_Artifact) Reset ¶
func (x *Link_Artifact) Reset()
func (*Link_Artifact) String ¶
func (x *Link_Artifact) String() string
type Link_ArtifactHashes ¶
type Link_ArtifactHashes struct { Sha256 string `protobuf:"bytes,1,opt,name=sha256,proto3" json:"sha256,omitempty"` // contains filtered or unexported fields }
Defines a hash object for use in Materials and Products.
func (*Link_ArtifactHashes) Descriptor
deprecated
func (*Link_ArtifactHashes) Descriptor() ([]byte, []int)
Deprecated: Use Link_ArtifactHashes.ProtoReflect.Descriptor instead.
func (*Link_ArtifactHashes) GetSha256 ¶
func (x *Link_ArtifactHashes) GetSha256() string
func (*Link_ArtifactHashes) ProtoMessage ¶
func (*Link_ArtifactHashes) ProtoMessage()
func (*Link_ArtifactHashes) ProtoReflect ¶
func (x *Link_ArtifactHashes) ProtoReflect() protoreflect.Message
func (*Link_ArtifactHashes) Reset ¶
func (x *Link_ArtifactHashes) Reset()
func (*Link_ArtifactHashes) String ¶
func (x *Link_ArtifactHashes) String() string
type Link_ByProducts ¶
type Link_ByProducts struct { CustomValues map[string]string `` /* 185-byte string literal not displayed */ // contains filtered or unexported fields }
Defines an object for the byproducts field in in-toto links. The suggested fields are "stderr", "stdout", and "return-value".
func (*Link_ByProducts) Descriptor
deprecated
func (*Link_ByProducts) Descriptor() ([]byte, []int)
Deprecated: Use Link_ByProducts.ProtoReflect.Descriptor instead.
func (*Link_ByProducts) GetCustomValues ¶
func (x *Link_ByProducts) GetCustomValues() map[string]string
func (*Link_ByProducts) ProtoMessage ¶
func (*Link_ByProducts) ProtoMessage()
func (*Link_ByProducts) ProtoReflect ¶
func (x *Link_ByProducts) ProtoReflect() protoreflect.Message
func (*Link_ByProducts) Reset ¶
func (x *Link_ByProducts) Reset()
func (*Link_ByProducts) String ¶
func (x *Link_ByProducts) String() string
type Link_Environment ¶
type Link_Environment struct { CustomValues map[string]string `` /* 185-byte string literal not displayed */ // contains filtered or unexported fields }
Defines an object for the environment field in in-toto links. The suggested fields are "variables", "filesystem", and "workdir".
func (*Link_Environment) Descriptor
deprecated
func (*Link_Environment) Descriptor() ([]byte, []int)
Deprecated: Use Link_Environment.ProtoReflect.Descriptor instead.
func (*Link_Environment) GetCustomValues ¶
func (x *Link_Environment) GetCustomValues() map[string]string
func (*Link_Environment) ProtoMessage ¶
func (*Link_Environment) ProtoMessage()
func (*Link_Environment) ProtoReflect ¶
func (x *Link_Environment) ProtoReflect() protoreflect.Message
func (*Link_Environment) Reset ¶
func (x *Link_Environment) Reset()
func (*Link_Environment) String ¶
func (x *Link_Environment) String() string
type Signature ¶
type Signature struct { KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyid,proto3" json:"key_id,omitempty"` Signature string `protobuf:"bytes,2,opt,name=signature,json=sig,proto3" json:"signature,omitempty"` // contains filtered or unexported fields }
A signature object consists of the KeyID used and the signature itself.
func (*Signature) Descriptor
deprecated
func (*Signature) GetSignature ¶
func (*Signature) ProtoMessage ¶
func (*Signature) ProtoMessage()
func (*Signature) ProtoReflect ¶
func (x *Signature) ProtoReflect() protoreflect.Message
type SigningKey ¶
type SigningKey struct { // key_id is an identifier for the signing key. KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"` // This field identifies the specific signing method. Eg: "rsa", "ed25519", // and "ecdsa". KeyType string `protobuf:"bytes,2,opt,name=key_type,json=keyType,proto3" json:"key_type,omitempty"` // This field contains the actual public key. PublicKeyValue string `protobuf:"bytes,3,opt,name=public_key_value,json=publicKeyValue,proto3" json:"public_key_value,omitempty"` // This field contains the corresponding signature scheme. // Eg: "rsassa-pss-sha256". KeyScheme string `protobuf:"bytes,4,opt,name=key_scheme,json=keyScheme,proto3" json:"key_scheme,omitempty"` // contains filtered or unexported fields }
This defines the format used to record keys used in the software supply chain. An in-toto link is attested using one or more keys defined in the in-toto layout. An example of this is:
{ "key_id": "776a00e29f3559e0141b3b096f696abc6cfb0c657ab40f441132b345b0...", "key_type": "rsa", "public_key_value": "-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0B...", "key_scheme": "rsassa-pss-sha256" }
The format for in-toto's key definition can be found in section 4.2 of the in-toto specification.
func (*SigningKey) Descriptor
deprecated
func (*SigningKey) Descriptor() ([]byte, []int)
Deprecated: Use SigningKey.ProtoReflect.Descriptor instead.
func (*SigningKey) GetKeyId ¶
func (x *SigningKey) GetKeyId() string
func (*SigningKey) GetKeyScheme ¶
func (x *SigningKey) GetKeyScheme() string
func (*SigningKey) GetKeyType ¶
func (x *SigningKey) GetKeyType() string
func (*SigningKey) GetPublicKeyValue ¶
func (x *SigningKey) GetPublicKeyValue() string
func (*SigningKey) ProtoMessage ¶
func (*SigningKey) ProtoMessage()
func (*SigningKey) ProtoReflect ¶
func (x *SigningKey) ProtoReflect() protoreflect.Message
func (*SigningKey) Reset ¶
func (x *SigningKey) Reset()
func (*SigningKey) String ¶
func (x *SigningKey) String() string