trustedresources

package

v0.43.2 Latest Latest Go to latest Published: Jan 9, 2023 License: Apache-2.0 Imports: 14 Imported by: 5

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tektoncd/pipeline

Links

Open Source Insights

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Constants
Variables
func VerifyPipeline(ctx context.Context, pipelineObj v1beta1.PipelineObject, ...) error
func VerifyTask(ctx context.Context, taskObj v1beta1.TaskObject, k8s kubernetes.Interface, ...) error

Constants ¶

View Source

const (
	// SignatureAnnotation is the key of signature in annotation map
	SignatureAnnotation = "tekton.dev/signature"
)

Variables ¶

View Source

var (
	// ErrorResourceVerificationFailed is returned when trusted resources fails verification.
	ErrorResourceVerificationFailed = errors.New("resource verification failed")
	// ErrorEmptyVerificationConfig is returned when VerificationPolicy or config-trusted-resources configmap are founded
	ErrorEmptyVerificationConfig = errors.New("no policies or config-trusted-resources configmap founded for verification")
	// ErrorNoMatchedPolicies is returned when no policies are matched
	ErrorNoMatchedPolicies = errors.New("no policies are matched")
	// ErrorRegexMatch is returned when regex match returns error
	ErrorRegexMatch = errors.New("regex failed to match")
	// ErrorSignatureMissing is returned when signature is missing in resource
	ErrorSignatureMissing = errors.New("signature is missing")
)

Functions ¶

func VerifyPipeline ¶

func VerifyPipeline(ctx context.Context, pipelineObj v1beta1.PipelineObject, k8s kubernetes.Interface, source string, policies []*v1alpha1.VerificationPolicy) error

VerifyPipeline verifies the signature and public key against pipeline. source is from ConfigSource.URI, which will be used to match policy patterns, k8s is used to fetch secret from cluster

func VerifyTask ¶

func VerifyTask(ctx context.Context, taskObj v1beta1.TaskObject, k8s kubernetes.Interface, source string, policies []*v1alpha1.VerificationPolicy) error

VerifyTask verifies the signature and public key against task. source is from ConfigSource.URI, which will be used to match policy patterns. k8s is used to fetch secret from cluster

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
verifier

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL