signature

package

v0.2.20 Latest Latest Go to latest Published: Nov 16, 2022 License: Apache-2.0 Imports: 13 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aws/eks-anywhere-packages

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func GetDigest(manifest Manifest, domain Domain) (digest [32]byte, yml []byte, err error)
func GetMetadataInformation(manifest Manifest, domain Domain) (signature string, excludes []string, err error)
func ValidateSignature(manifest Manifest, domain Domain) (valid bool, digest [32]byte, yml []byte, err error)
type Domain
type GojqParams
type Manifest

Constants ¶

View Source

const (
	PublicKey           = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnP0Yo+ZxzPUEfohcG3bbJ8987UT4f0tj+XVBjS/s35wkfjrxTKrVZQpz3ta3zi5ZlgXzd7a20B1U1Py/TtPsxw=="
	DomainName          = "eksa.aws.com"
	SignatureAnnotation = "signature"
	ExcludesAnnotation  = "excludes"
)

Variables ¶

View Source

var (
	AlwaysExcluded = []string{".status", ".metadata.creationTimestamp", ".metadata.generation", ".metadata.managedFields", ".metadata.uid", ".metadata.resourceVersion"}
	GojqTemplate   = template.Must(template.New("gojq_query").Funcs(
		template.FuncMap{
			"StringsJoin": strings.Join,
			"Escape": func(in string) string {
				return strings.ReplaceAll(in, ".", "\\\\.")
			},
		}).Parse(`
del({{ StringsJoin .Excludes ", "}}) | (.metadata.annotations | objects) |= with_entries(select(.key | test("^{{ Escape .Domain.Name }}/(?:includes|excludes)$") ))
`))
)

View Source

var EksaDomain = Domain{Name: DomainName, Pubkey: PublicKey}

Functions ¶

func GetDigest ¶

func GetDigest(manifest Manifest, domain Domain) (digest [32]byte, yml []byte, err error)

func GetMetadataInformation ¶

func GetMetadataInformation(manifest Manifest, domain Domain) (signature string, excludes []string, err error)

func ValidateSignature ¶

func ValidateSignature(manifest Manifest, domain Domain) (valid bool, digest [32]byte, yml []byte, err error)

See ./testdata/sign_file.sh for a shell script implementation. This here differs in that it normalizes quoting while the shell script doesnt (yet).

Types ¶

type Domain ¶

type Domain struct {
	Name   string
	Pubkey string
}

type GojqParams ¶

type GojqParams struct {
	Excludes []string
	Domain   Domain
}

type Manifest ¶

type Manifest = metav1.ObjectMetaAccessor

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL