Version: v0.4.3 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2022 License: Apache-2.0 Imports: 27 Imported by: 0




This section is empty.


This section is empty.


func CmdExec

func CmdExec(baseCmd, dir string, args ...string) (string, error)

execute command in a specified dir

func FileExists

func FileExists(fpath string) bool

returns if a filepath exists or not

func GenerateAttestation

func GenerateAttestation(provPath, privKeyPath string) (*dsse.Envelope, error)

generate a rekor entry data by signing a specified provenance with private key the output data contains a base64 encoded provenance and its signature. it can be used in `rekor-cli upload --artifact xxxxx`.

func GenerateProvenance

func GenerateProvenance(artifactName, digest, kustomizeBase string, startTime, finishTime time.Time, recipeCmd []string) (*intoto.Statement, error)

generate provenance data by checking kustomization.yaml and its sub resources all local files and remote repos are included in `materials` of a generated provenance

func GetDigestOfArtifact

func GetDigestOfArtifact(artifactPath string) (string, error)

get a digest of artifact by checking artifact type when the artifact is local file --> sha256 file hash

is OCI image --> image digest

func GetImageDigest

func GetImageDigest(resBundleRef string) (string, error)

returns image digest

func GitExec

func GitExec(dir string, args ...string) (string, error)

execute git command

func IsDir

func IsDir(name string) (bool, error)

returns if a filepath is pointing a directory or not

func IsFile

func IsFile(name string) (bool, error)

returns if a filepath is pointing a file or not

func IsFileResource

func IsFileResource(path string) bool

returns if a resource in kustomization.yaml is a local file/dir or not

func IsRepositoryResource

func IsRepositoryResource(path string) bool

returns if a resource in kustomization.yaml is a git repo or not

func KustomizeExec

func KustomizeExec(dir string, args ...string) (string, error)

execute kustomize command

func OverwriteArtifactInProvenance

func OverwriteArtifactInProvenance(provPath, overwriteArtifact string) (string, error)

overwrite `subject` in provenance with a specified artifact

func Sha256Hash

func Sha256Hash(fpath string) (string, error)

get a sha 256 hash for a file


type FileInfo

type FileInfo struct {
	Name string
	Hash string

type GitRepoResult

type GitRepoResult struct {
	RootDir  string
	URL      string
	Revision string
	CommitID string
	Path     string

type IntotoSigner

type IntotoSigner struct {
	// contains filtered or unexported fields

func (*IntotoSigner) KeyID added in v0.2.0

func (es *IntotoSigner) KeyID() (string, error)

func (*IntotoSigner) Public added in v0.2.0

func (es *IntotoSigner) Public() crypto.PublicKey

func (*IntotoSigner) Sign

func (it *IntotoSigner) Sign(data []byte) ([]byte, error)

sign a provenance data

func (*IntotoSigner) Verify

func (it *IntotoSigner) Verify(data, sig []byte) error

sverify a provenance data and its signature

type KustomizationResource

type KustomizationResource struct {
	GitRepo *GitRepoResult
	File    *FileInfo

func LoadKustomization

func LoadKustomization(fpath, baseDir, gitURL, gitRevision string, inRemoteRepo bool) ([]*KustomizationResource, error)

it loads a kustomization.yaml in a specified base dir and its resources and bases even in remote repository. then it returns a list of resources that have file hash info for files and commit digest info for remote repos.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL