policies

package
v0.96.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractDigest added in v0.96.6

func ExtractDigest(ref string) (string, string)

func IsProviderScheme added in v0.96.0

func IsProviderScheme(ref string) bool

IsProviderScheme takes a policy reference and returns whether it's referencing to an external provider or not

func LoadPolicyScriptsFromSpec added in v0.96.9

func LoadPolicyScriptsFromSpec(policy *v1.Policy, kind v1.CraftingSchema_Material_MaterialType) ([]*engine.Policy, error)

LoadPolicyScriptsFromSpec loads all policy script that matches a given material type. It matches if: * the policy kind is unspecified, meaning that it was forced by name selector * the policy kind is specified, and it's equal to the material type

func LogPolicyViolations added in v0.94.0

func LogPolicyViolations(evaluations []*v12.PolicyEvaluation, logger *zerolog.Logger)

func ProviderParts added in v0.96.0

func ProviderParts(ref string) (string, string)

Types

type ChainloopLoader added in v0.95.7

type ChainloopLoader struct {
	Client pb.AttestationServiceClient
	// contains filtered or unexported fields
}

ChainloopLoader loads policies referenced with chainloop://provider/name URLs

func NewChainloopLoader added in v0.95.7

func NewChainloopLoader(client pb.AttestationServiceClient) *ChainloopLoader

func (*ChainloopLoader) Load added in v0.95.7

type EmbeddedLoader added in v0.95.7

type EmbeddedLoader struct{}

EmbeddedLoader returns embedded policies

func (*EmbeddedLoader) Load added in v0.95.7

type FileLoader added in v0.96.5

type FileLoader struct{}

FileLoader loader loads policies from filesystem and HTTPS references using Cosign's blob package

func (*FileLoader) Load added in v0.96.5

type HTTPSLoader added in v0.96.5

type HTTPSLoader struct{}

HTTPSLoader loader loads policies from HTTP or HTTPS references

func (*HTTPSLoader) Load added in v0.96.5

type Loader added in v0.95.7

type Loader interface {
	Load(context.Context, *v1.PolicyAttachment) (*v1.Policy, *v12.ResourceDescriptor, error)
}

Loader defines the interface for policy loaders from contract attachments

type PolicyError added in v0.94.2

type PolicyError struct {
	// contains filtered or unexported fields
}

func NewPolicyError added in v0.94.2

func NewPolicyError(err error) *PolicyError

func (*PolicyError) Error added in v0.94.2

func (e *PolicyError) Error() string

func (*PolicyError) Unwrap added in v0.96.0

func (e *PolicyError) Unwrap() error

type PolicyVerifier

type PolicyVerifier struct {
	// contains filtered or unexported fields
}

func NewPolicyVerifier

func NewPolicyVerifier(schema *v1.CraftingSchema, client v13.AttestationServiceClient, logger *zerolog.Logger) *PolicyVerifier

func (*PolicyVerifier) VerifyMaterial added in v0.93.8

func (pv *PolicyVerifier) VerifyMaterial(ctx context.Context, material *v12.Attestation_Material, artifactPath string) ([]*v12.PolicyEvaluation, error)

VerifyMaterial applies all required policies to a material

func (*PolicyVerifier) VerifyStatement added in v0.93.8

func (pv *PolicyVerifier) VerifyStatement(ctx context.Context, statement *intoto.Statement) ([]*v12.PolicyEvaluation, error)

VerifyStatement verifies that the statement is compliant with the policies present in the schema

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL