getproviders

package
v0.71.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2025 License: MIT Imports: 26 Imported by: 0

Documentation

Overview

Package getproviders provides an interface for getting providers.

Index

Constants

View Source
const HashicorpPartnersKey = `` /* 3194-byte string literal not displayed */

HashicorpPartnersKey is a key created by HashiCorp, used to generate and verify trust signatures for Partner tier providers.

View Source
const HashicorpPublicKey = `` /* 7716-byte string literal not displayed */

HashicorpPublicKey is the HashiCorp public key, also available at https://www.hashicorp.com/security

Variables

This section is empty.

Functions

func UpdateLockfile

func UpdateLockfile(ctx context.Context, workingDir string, providers []Provider) error

UpdateLockfile updates the dependency lock file. If `.terraform.lock.hcl` does not exist, it will be created, otherwise it will be updated.

Types

type Hash

type Hash string

Hash is a specially-formatted string representing a checksum of a package or the contents of the package.

func DocumentHashes

func DocumentHashes(doc []byte) []Hash

func HashLegacyZipSHAFromSHA

func HashLegacyZipSHAFromSHA(sum [sha256.Size]byte) Hash

HashLegacyZipSHAFromSHA is a convenience method to produce the schemed-string hash format from an already-calculated hash of a provider .zip archive.

func PackageHashLegacyZipSHA

func PackageHashLegacyZipSHA(path string) (Hash, error)

PackageHashLegacyZipSHA implements the old provider package hashing scheme of taking a SHA256 hash of the containing .zip archive itself, rather than of the contents of the archive.

func PackageHashV1

func PackageHashV1(path string) (Hash, error)

PackageHashV1 computes a hash of the contents of the package at the given location using hash algorithm 1. The resulting Hash is guaranteed to have the scheme HashScheme1.

func (Hash) String

func (hash Hash) String() string

type HashScheme

type HashScheme string

HashScheme is an enumeration of schemes.

const (
	// HashScheme1 is the scheme identifier for the first hash scheme.
	HashScheme1 HashScheme = HashScheme("h1:")

	// HashSchemeZip is the scheme identifier for the legacy hash scheme that applies to distribution archives (.zip files) rather than package contents.
	HashSchemeZip HashScheme = HashScheme("zh:")
)

func (HashScheme) New

func (scheme HashScheme) New(value string) Hash

New creates a new Hash value with the receiver as its scheme and the given raw string as its value.

type PackageAuthentication

type PackageAuthentication interface {
	// Authenticate takes the path  of a package and returns a PackageAuthenticationResult, or an error if the authentication checks fail.
	Authenticate(path string) (*PackageAuthenticationResult, error)
}

PackageAuthentication implementation is responsible for authenticating that a package is what its distributor intended to distribute and that it has not been tampered with.

func NewArchiveChecksumAuthentication

func NewArchiveChecksumAuthentication(wantSHA256Sum [sha256.Size]byte) PackageAuthentication

NewArchiveChecksumAuthentication returns a PackageAuthentication implementation that checks that the original distribution archive matches the given hash.

func NewMatchingChecksumAuthentication

func NewMatchingChecksumAuthentication(document []byte, filename string, wantSHA256Sum [sha256.Size]byte) PackageAuthentication

NewMatchingChecksumAuthentication returns a PackageAuthentication implementation that scans a registry-provided SHA256SUMS document for a specified filename, and compares the SHA256 hash against the expected hash

func NewSignatureAuthentication

func NewSignatureAuthentication(document, signature []byte, keys map[string]string) PackageAuthentication

NewSignatureAuthentication returns a PackageAuthentication implementation that verifies the cryptographic signature for a package against any of the provided keys.

func PackageAuthenticationAll

func PackageAuthenticationAll(checks ...PackageAuthentication) PackageAuthentication

PackageAuthenticationAll combines several authentications together into a single check value, which passes only if all of the given ones pass.

type PackageAuthenticationHashes

type PackageAuthenticationHashes interface {
	PackageAuthentication

	// AcceptableHashes returns a set of hashes that this authenticator considers to be valid for the current package or, where possible, equivalent packages on other platforms.
	AcceptableHashes() []Hash
}

PackageAuthenticationHashes is an optional interface implemented by PackageAuthentication implementations that are able to return a set of hashes they would consider valid if a given path referred to a package that matched that hash string.

type PackageAuthenticationResult

type PackageAuthenticationResult int

PackageAuthenticationResult is returned from a PackageAuthentication implementation which implements Stringer.

const (
	VerifiedChecksum PackageAuthenticationResult = iota
	OfficialProvider
	PartnerProvider
	CommunityProvider
)

func (PackageAuthenticationResult) SignedByAnyParty

func (result PackageAuthenticationResult) SignedByAnyParty() bool

SignedByAnyParty returns whether the package was authenticated as signed by either HashiCorp or by a third-party.

func (PackageAuthenticationResult) SignedByHashiCorp

func (result PackageAuthenticationResult) SignedByHashiCorp() bool

SignedByHashiCorp returns whether the package was authenticated as signed by HashiCorp.

func (*PackageAuthenticationResult) String

func (result *PackageAuthenticationResult) String() string

func (PackageAuthenticationResult) ThirdPartySigned

func (result PackageAuthenticationResult) ThirdPartySigned() bool

ThirdPartySigned returns whether the package was authenticated as signed by a party other than HashiCorp.

type Provider

type Provider interface {
	// Address returns a source address of the provider. e.g.: registry.terraform.io/hashicorp/aws
	Address() string

	// Version returns a version of the provider. e.g.: 5.36.0
	Version() string

	// DocumentSHA256Sums returns a document with providers hashes for different platforms.
	DocumentSHA256Sums(ctx context.Context) ([]byte, error)

	// PackageDir returns a directory with the unpacked provider.
	PackageDir() string

	// Logger returns logger
	Logger() log.Logger
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL