cosign

package
v1.5.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 12, 2022 License: Apache-2.0 Imports: 21 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ImageSignatureRepository is an alternate signature repository
	ImageSignatureRepository string
	Secrets                  []string
)

Functions

func FetchAttestations added in v1.5.0 

func FetchAttestations(imageRef string, key []byte, repository string) ([]map[string]interface{}, error)

FetchAttestations retrieves signed attestations and decodes them into in-toto statements https://github.com/in-toto/attestation/blob/main/spec/README.md#statement

func Initialize 

func Initialize(client kubernetes.Interface, namespace, serviceAccount string, imagePullSecrets []string) error

Initialize loads the image pull secrets and initializes the default auth method for container registry API calls

func SetMock added in v1.5.0 

func SetMock(image string, data [][]byte) error

func UpdateKeychain added in v1.5.2 

func UpdateKeychain() error

UpdateKeychain reinitializes the image pull secrets and default auth method for container registry API calls

func VerifySignature added in v1.5.0 

func VerifySignature(imageRef string, key []byte, repository string, log logr.Logger) (digest string, err error)

Types

type Cosign added in v1.5.0 

type Cosign interface {
	Verify(ctx context.Context, signedImgRef name.Reference, accessor cosign.Accessor, co *cosign.CheckOpts) ([]oci.Signature, bool, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.