trust

package
v4.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 10, 2022 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateTmpFile

func CreateTmpFile(dir, pattern string, content []byte) (string, error)

CreateTmpFile creates a temp file under dir and writes the content into it

func DefaultPolicyPath

func DefaultPolicyPath(sys *types.SystemContext) string

DefaultPolicyPath returns a path to the default policy of the system.

func GetGPGIdFromKeyData

func GetGPGIdFromKeyData(key string) []string

GetGPGIdFromKeyData returns the user keyring from key data.

func GetGPGIdFromKeyPath

func GetGPGIdFromKeyPath(path string) []string

GetGPGIdFromKeyPath returns the user keyring from a key path.

func RegistriesDirPath

func RegistriesDirPath(sys *types.SystemContext) string

RegistriesDirPath returns a path to registries.d

Types

type Policy

// Policy describes a basic trust policy configuration.
//
// Transport and Type have no omitempty option and are therefore always
// present in the encoded JSON; every other field is dropped from the output
// when it is empty.
type Policy struct {
	// NOTE(review): presumably the image transport this entry applies to — confirm.
	Transport      string   `json:"transport"`
	Name           string   `json:"name,omitempty"`
	RepoName       string   `json:"repo_name,omitempty"`
	// NOTE(review): looks like the keys trusted for this entry; whether these
	// are file paths or key material is not visible here — confirm.
	Keys           []string `json:"keys,omitempty"`
	// Encoded under the JSON key "sigstore", which differs from the field name.
	SignatureStore string   `json:"sigstore,omitempty"`
	// NOTE(review): presumably the trust requirement type for the entry. It is a
	// free-form string at this level, so nothing here rejects an unknown or
	// permissive value — confirm where it is validated.
	Type           string   `json:"type"`
	GPGId          string   `json:"gpg_id,omitempty"`
}

Policy describes a basic trust policy configuration

type PolicyContent

// PolicyContent is the top-level structure of a policy.json file.
type PolicyContent struct {
	// Default is always encoded (no omitempty), even when the slice is empty.
	// NOTE(review): presumably the requirements applied when no entry under
	// Transports matches, as in containers-policy.json — confirm.
	Default    []RepoContent     `json:"default"`
	// Transports is omitted from the encoded JSON when empty.
	Transports TransportsContent `json:"transports,omitempty"`
}

PolicyContent struct for policy.json file

func GetPolicy

func GetPolicy(policyPath string) (PolicyContent, error)

GetPolicy parses policy.json into a PolicyContent struct.

type RegistryConfiguration

// RegistryConfiguration is one of the files in registriesDirPath configuring
// lookaside locations, or the result of merging them all.
// NOTE: Keep this in sync with docs/registries.d.md!
type RegistryConfiguration struct {
	// DefaultDocker is a pointer, so callers must handle a nil value.
	// NOTE(review): presumably nil when no "default-docker" entry is configured — confirm.
	DefaultDocker *RegistryNamespace `json:"default-docker"`
	// The key is a namespace, using fully-expanded Docker reference format or parent namespaces (per dockerReference.PolicyConfiguration*).
	Docker map[string]RegistryNamespace `json:"docker"`
}

RegistryConfiguration is one of the files in registriesDirPath configuring lookaside locations, or the result of merging them all. NOTE: Keep this in sync with docs/registries.d.md!

func LoadAndMergeConfig

func LoadAndMergeConfig(dirPath string) (*RegistryConfiguration, error)

LoadAndMergeConfig loads configuration files in dirPath

type RegistryNamespace

// RegistryNamespace defines lookaside locations for a single namespace.
//
// Both fields are plain strings with no omitempty option, so an unset
// location is encoded as an empty string rather than left out.
type RegistryNamespace struct {
	SigStore        string `json:"sigstore"`         // For reading, and if SigStoreStaging is not present, for writing.
	SigStoreStaging string `json:"sigstore-staging"` // For writing only.
}

RegistryNamespace defines lookaside locations for a single namespace.

func HaveMatchRegistry

func HaveMatchRegistry(key string, registryConfigs *RegistryConfiguration) *RegistryNamespace

HaveMatchRegistry checks whether trust settings for the registry have been configured in a YAML file.

type RepoContent

// RepoContent is the structure used under each repo in the policy.
//
// Only Type is always encoded; the key fields and SignedIdentity are dropped
// from the JSON output when empty.
type RepoContent struct {
	// NOTE(review): presumably a containers-policy.json requirement type such as
	// "insecureAcceptAnything", "reject" or "signedBy" — confirm against the
	// package source. The field is an unconstrained string here.
	Type           string          `json:"type"`
	KeyType        string          `json:"keyType,omitempty"`
	// NOTE(review): KeyPath and KeyData are both optional at this level, so an
	// entry with neither set still decodes — verify the caller checks this.
	KeyPath        string          `json:"keyPath,omitempty"`
	KeyData        string          `json:"keyData,omitempty"`
	// SignedIdentity is held as raw JSON; this struct does not decode it.
	SignedIdentity json.RawMessage `json:"signedIdentity,omitempty"`
}

RepoContent struct used under each repo

type RepoMap

// RepoMap maps a repo name to the list of RepoContent entries for that repo.
type RepoMap map[string][]RepoContent

RepoMap maps a repo name to the policy content for each repo.

type ShowOutput

// ShowOutput keeps the fields for the image trust show command.
//
// The fields carry no JSON tags, so an encoder uses the Go field names as they
// are spelled here (including the lowercase "id" in GPGid).
type ShowOutput struct {
	Repo      string
	Trusttype string
	GPGid     string
	Sigstore  string
}

ShowOutput keeps the fields for the image trust show command.

type TransportsContent

// TransportsContent holds the content under "transports" in policy.json: a map
// from a string key to the RepoMap for that key.
// NOTE(review): presumably the key is a transport name — confirm.
type TransportsContent map[string]RepoMap

TransportsContent struct for content under "transports"
