Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var AssertBuiltWithGorpa = &Assertion{ Name: "built-with-gorpa", Description: "ensures all bundle entries have been built with Bhojpur GoRPA", Run: func(stmt *provenance.Statement) []Violation { if strings.HasPrefix(stmt.Predicate.Builder.ID, gorpa.ProvenanceBuilderID) { return nil } return []Violation{ {Desc: "was not built using Bhojpur GoRPA"}, } }, }
View Source
var AssertGitMaterialOnly = &Assertion{ Name: "git-material-only", Description: "ensures all subjects were built from Git material only", Run: func(stmt *provenance.Statement) []Violation { for _, m := range stmt.Predicate.Materials { if strings.HasPrefix(m.URI, "git+") || strings.HasPrefix(m.URI, "git://") { continue } return []Violation{{ Desc: "contains non-Git material, e.g. " + m.URI, }} } return nil }, }
Functions ¶
func DecodeBundle ¶
DecodeBundle returns a function which attempts to decode an attestation bundle from the reader and calls the handler for every envelope found in the bundle. If decoding fails, or the handler returns an error, decoding stops and the error is returned.
Types ¶
type Assertion ¶
type Assertion struct {
Name string
Description string
Run func(stmt *provenance.Statement) []Violation
RunEnvelope func(env *provenance.Envelope) []Violation
}
func AssertSignedWith ¶
type Assertions ¶
type Assertions []*Assertion
func (Assertions) AssertEnvelope ¶
func (a Assertions) AssertEnvelope(env *provenance.Envelope) (failed []Violation)
func (Assertions) AssertStatement ¶
func (a Assertions) AssertStatement(stmt *provenance.Statement) (failed []Violation)
Source Files
Click to show internal directories.
Click to hide internal directories.