Documentation
¶
Overview ¶
Package verifier provides a client for verifying artifacts using sigstore
Index ¶
Constants ¶
View Source
const ( // TrustedRootSigstoreGitHub is the GitHub trusted root repository for sigstore (used for private repos, Enterprise) TrustedRootSigstoreGitHub = "tuf-repo.github.com" // TrustedRootSigstorePublicGoodInstance is the public trusted root repository for sigstore TrustedRootSigstorePublicGoodInstance = "tuf-repo-cdn.sigstore.dev" )
Variables ¶
View Source
var ( // ErrProvenanceNotFoundOrIncomplete is returned when there's no provenance info (missing .sig or attestation) or // has incomplete data ErrProvenanceNotFoundOrIncomplete = errors.New("provenance not found or incomplete") // ErrProvenanceServerInformationNotSet is returned when the provenance information for a server is not set ErrProvenanceServerInformationNotSet = errors.New("provenance server information not set") // MaxAttestationsBytesLimit is the maximum number of bytes we're willing to read from the attestation endpoint // We'll limit this to 10mb for now MaxAttestationsBytesLimit int64 = 10 * 1024 * 1024 )
Functions ¶
This section is empty.
Types ¶
type Result ¶
type Result struct {
IsSigned bool `json:"is_signed"`
IsVerified bool `json:"is_verified"`
verify.VerificationResult
}
Result is the result of the verification
type Sigstore ¶
type Sigstore struct {
// contains filtered or unexported fields
}
Sigstore is the sigstore verifier
func (*Sigstore) GetVerificationResults ¶
func (s *Sigstore) GetVerificationResults( imageRef string, ) ([]*verify.VerificationResult, error)
GetVerificationResults returns the verification results for the given image reference
Source Files
Click to show internal directories.
Click to hide internal directories.