chains

package
v0.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2023 License: Apache-2.0 Imports: 27 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	// ChainsAnnotation is the standard annotation to indicate a TR has been signed.
	ChainsAnnotation             = "chains.tekton.dev/signed"
	RetryAnnotation              = "chains.tekton.dev/retries"
	ChainsTransparencyAnnotation = "chains.tekton.dev/transparency"
	MaxRetries                   = 3
)
View Source 
const (
	RekorAnnotation = "chains.tekton.dev/transparency-upload"
)

Variables

This section is empty.

Functions

func AddAnnotation added in v0.4.0 

func AddAnnotation(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, key, value string, annotations map[string]string) error

func AddRetry added in v0.4.0 

func AddRetry(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func HandleRetry added in v0.4.0 

func HandleRetry(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func MarkFailed added in v0.4.0 

func MarkFailed(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func MarkSigned 

func MarkSigned(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

MarkSigned marks a Tekton object as signed.

func Reconciled added in v0.4.0 

func Reconciled(obj objects.TektonObject) bool

Reconciled determines whether a Tekton object has already passed through the reconcile loops, up to 3x

func RetryAvailable added in v0.4.0 

func RetryAvailable(obj objects.TektonObject) bool

Types

type ObjectSigner added in v0.13.0 

type ObjectSigner struct {
	// Backends: store payload and signature
	// The keys are different storage option's name. {docdb, gcs, grafeas, oci, tekton}
	// The values are the actual storage backends that will be used to store and retrieve provenance.
	Backends          map[string]storage.Backend
	SecretPath        string
	Pipelineclientset versioned.Interface
}

func (*ObjectSigner) Sign added in v0.13.0 

func (o *ObjectSigner) Sign(ctx context.Context, tektonObj objects.TektonObject) error

Signs TaskRun and PipelineRun objects, as well as generates attesations for each Follows process of extract payload, sign payload, store payload and signature

type Signer 

type Signer interface {
	Sign(ctx context.Context, obj objects.TektonObject) error
}

type TaskRunVerifier added in v0.6.0 

type TaskRunVerifier struct {
	KubeClient        kubernetes.Interface
	Pipelineclientset versioned.Interface
	SecretPath        string
}

func (*TaskRunVerifier) VerifyTaskRun added in v0.6.0 

func (tv *TaskRunVerifier) VerifyTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error

type Verifier added in v0.6.0 

type Verifier interface {
	VerifyTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error
}

Source Files

View all Source files

Directories

Path Synopsis
all
simple
slsa/attest
slsa/extract
slsa/v1
slsa/v1/internal/material
slsa/v1/pipelinerun
slsa/v1/taskrun
kms
Package kms creates a signer using a key management server
 Package kms creates a signer using a key management server
x509
docdb
gcs
grafeas
oci
pubsub
tekton

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.