Documentation
¶
Index ¶
- Constants
- func IsProviderScheme(ref string) bool
- func LoadPolicyScriptFromSpec(spec *v1.Policy) (*engine.Policy, error)
- func LogPolicyViolations(evaluations []*v12.PolicyEvaluation, logger *zerolog.Logger)
- func ProviderParts(ref string) (string, string)
- type BlobLoader
- type ChainloopLoader
- type EmbeddedLoader
- type Loader
- type PolicyError
- type PolicyVerifier
Constants ¶
View Source
const ChainloopScheme = "chainloop"
Variables ¶
This section is empty.
Functions ¶
func IsProviderScheme ¶ added in v0.96.0
IsProviderScheme takes a policy reference and returns whether it's referencing to an external provider or not
func LoadPolicyScriptFromSpec ¶ added in v0.93.8
LoadPolicyScriptFromSpec loads a policy referenced from the spec
func LogPolicyViolations ¶ added in v0.94.0
func LogPolicyViolations(evaluations []*v12.PolicyEvaluation, logger *zerolog.Logger)
func ProviderParts ¶ added in v0.96.0
Types ¶
type BlobLoader ¶ added in v0.96.0
type BlobLoader struct{}
BlobLoader loader loads policies from filesystem and HTTPS references using Cosign's blob package
func (*BlobLoader) Load ¶ added in v0.96.0
func (l *BlobLoader) Load(_ context.Context, attachment *v1.PolicyAttachment) (*v1.Policy, error)
type ChainloopLoader ¶ added in v0.95.7
type ChainloopLoader struct {
Client pb.AttestationServiceClient
// contains filtered or unexported fields
}
ChainloopLoader loads policies referenced with chainloop://provider/name URLs
func NewChainloopLoader ¶ added in v0.95.7
func NewChainloopLoader(client pb.AttestationServiceClient) *ChainloopLoader
func (*ChainloopLoader) Load ¶ added in v0.95.7
func (c *ChainloopLoader) Load(ctx context.Context, attachment *v1.PolicyAttachment) (*v1.Policy, error)
type EmbeddedLoader ¶ added in v0.95.7
type EmbeddedLoader struct{}
EmbeddedLoader returns embedded policies
func (*EmbeddedLoader) Load ¶ added in v0.95.7
func (e *EmbeddedLoader) Load(_ context.Context, attachment *v1.PolicyAttachment) (*v1.Policy, error)
type Loader ¶ added in v0.95.7
Loader defines the interface for policy loaders from contract attachments
type PolicyError ¶ added in v0.94.2
type PolicyError struct {
// contains filtered or unexported fields
}
func NewPolicyError ¶ added in v0.94.2
func NewPolicyError(err error) *PolicyError
func (*PolicyError) Error ¶ added in v0.94.2
func (e *PolicyError) Error() string
func (*PolicyError) Unwrap ¶ added in v0.96.0
func (e *PolicyError) Unwrap() error
type PolicyVerifier ¶
type PolicyVerifier struct {
// contains filtered or unexported fields
}
func NewPolicyVerifier ¶
func NewPolicyVerifier(schema *v1.CraftingSchema, client v13.AttestationServiceClient, logger *zerolog.Logger) *PolicyVerifier
func (*PolicyVerifier) VerifyMaterial ¶ added in v0.93.8
func (pv *PolicyVerifier) VerifyMaterial(ctx context.Context, material *v12.Attestation_Material, artifactPath string) ([]*v12.PolicyEvaluation, error)
VerifyMaterial applies all required policies to a material
func (*PolicyVerifier) VerifyStatement ¶ added in v0.93.8
func (pv *PolicyVerifier) VerifyStatement(ctx context.Context, statement *intoto.Statement) ([]*v12.PolicyEvaluation, error)
VerifyStatement verifies that the statement is compliant with the policies present in the schema
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.