policies

package
v0.96.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 2, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsProviderScheme added in v0.96.0

func IsProviderScheme(ref string) bool

IsProviderScheme takes a policy reference and returns whether it's referencing to an external provider or not

func LoadPolicyScriptFromSpec added in v0.93.8

func LoadPolicyScriptFromSpec(spec *v1.Policy) (*engine.Policy, error)

LoadPolicyScriptFromSpec loads a policy referenced from the spec

func LogPolicyViolations added in v0.94.0

func LogPolicyViolations(evaluations []*v12.PolicyEvaluation, logger *zerolog.Logger)

func ProviderParts added in v0.96.0

func ProviderParts(ref string) (string, string)

Types

type ChainloopLoader added in v0.95.7

type ChainloopLoader struct {
	Client pb.AttestationServiceClient
	// contains filtered or unexported fields
}

ChainloopLoader loads policies referenced with chainloop://provider/name URLs

func NewChainloopLoader added in v0.95.7

func NewChainloopLoader(client pb.AttestationServiceClient) *ChainloopLoader

func (*ChainloopLoader) Load added in v0.95.7

type EmbeddedLoader added in v0.95.7

type EmbeddedLoader struct{}

EmbeddedLoader returns embedded policies

func (*EmbeddedLoader) Load added in v0.95.7

type FileLoader added in v0.96.5

type FileLoader struct{}

FileLoader loader loads policies from filesystem and HTTPS references using Cosign's blob package

func (*FileLoader) Load added in v0.96.5

type HTTPSLoader added in v0.96.5

type HTTPSLoader struct{}

HTTPSLoader loader loads policies from HTTP or HTTPS references

func (*HTTPSLoader) Load added in v0.96.5

type Loader added in v0.95.7

type Loader interface {
	Load(context.Context, *v1.PolicyAttachment) (*v1.Policy, *v12.ResourceDescriptor, error)
}

Loader defines the interface for policy loaders from contract attachments

type PolicyError added in v0.94.2

type PolicyError struct {
	// contains filtered or unexported fields
}

func NewPolicyError added in v0.94.2

func NewPolicyError(err error) *PolicyError

func (*PolicyError) Error added in v0.94.2

func (e *PolicyError) Error() string

func (*PolicyError) Unwrap added in v0.96.0

func (e *PolicyError) Unwrap() error

type PolicyVerifier

type PolicyVerifier struct {
	// contains filtered or unexported fields
}

func NewPolicyVerifier

func NewPolicyVerifier(schema *v1.CraftingSchema, client v13.AttestationServiceClient, logger *zerolog.Logger) *PolicyVerifier

func (*PolicyVerifier) VerifyMaterial added in v0.93.8

func (pv *PolicyVerifier) VerifyMaterial(ctx context.Context, material *v12.Attestation_Material, artifactPath string) ([]*v12.PolicyEvaluation, error)

VerifyMaterial applies all required policies to a material

func (*PolicyVerifier) VerifyStatement added in v0.93.8

func (pv *PolicyVerifier) VerifyStatement(ctx context.Context, statement *intoto.Statement) ([]*v12.PolicyEvaluation, error)

VerifyStatement verifies that the statement is compliant with the policies present in the schema

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL