verify

package
v0.0.0-...-a45fa12
Published: Dec 19, 2019 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientBuilder

type ClientBuilder interface {
	HTTPClient() (*http.Client, error)
}

ClientBuilder provides a method for generating an HTTP Client configured with cluster proxy settings, if they exist.

type Interface

type Interface interface {
	Verify(ctx context.Context, releaseDigest string) error
}

Interface performs verification of the provided content. The default implementation in this package uses the container signature format defined at https://github.com/containers/image to authenticate that a given release image digest has been signed by a trusted party.

var Reject Interface = rejectVerifier{}

Reject always fails verification.

func LoadFromPayload

func LoadFromPayload(update *payload.Update, clientBuilder ClientBuilder) (Interface, error)

LoadFromPayload looks for a config map in the v1 API group within the provided update with the annotation "release.openshift.io/verification-config-map". Only the first payload item in lexicographic order will be considered; all others are ignored.

The presence of one or more config maps instructs the CVO to verify updates before they are downloaded.

The keys within the config map define how verification is performed:

verifier-public-key-*: One or more GPG public keys in ASCII form that must have signed the release image by digest.

store-*: A URL (scheme file://, http://, or https://) location that contains signatures. These signatures are in the atomic container signature format. The URL will have the digest of the image appended to it as "<STORE>/<ALGO>=<DIGEST>/signature-<NUMBER>" as described in the container image signing format. The docker-image-manifest section of the signature must match the release image digest. Signatures are searched starting at NUMBER 1 and incrementing if the signature exists but is not valid. The signature is a GPG signed and encrypted JSON message. The file store is provided for testing only at the current time, although future versions of the CVO might allow host mounting of signatures.

See https://github.com/containers/image/blob/ab49b0a48428c623a8f03b41b9083d48966b34a9/docs/signature-protocols.md for a description of the signature store.

The returned verifier will require that any new release image will only be considered verified if each provided public key has signed the release image digest. The signature may be in any store and the lookup order is internally defined.
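The store walk described above, as an added illustration that is not this package's own code: it builds the "<STORE>/<ALGO>=<DIGEST>/signature-<NUMBER>" path and steps through signature-1, signature-2, ... until an entry is missing or one validates. The fetch and valid callbacks, the maxSignatures bound and the in-memory store in main are assumptions for the example; the real package fetches over file/HTTP and checks the GPG signature and manifest digest.

```go
package main

import (
	"fmt"
	"strings"
)

// SignatureURL builds "<STORE>/<ALGO>=<DIGEST>/signature-<NUMBER>" for a
// digest written as "<algo>:<hex>", the layout the store-* keys point at.
func SignatureURL(store, digest string, number int) (string, error) {
	parts := strings.SplitN(digest, ":", 2)
	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		return "", fmt.Errorf("digest %q is not of the form <algo>:<hex>", digest)
	}
	return fmt.Sprintf("%s/%s=%s/signature-%d", strings.TrimSuffix(store, "/"), parts[0], parts[1], number), nil
}

// maxSignatures is an added safety bound (not from the package) so a store
// that keeps serving invalid signatures cannot make the walk unbounded.
const maxSignatures = 100

// FindSignature walks signature-1, signature-2, ... in one store until fetch
// reports a missing entry (search ends) or valid accepts one. fetch and valid
// are hypothetical stand-ins for the file/HTTP retrieval and the GPG check.
func FindSignature(store, digest string, fetch func(string) ([]byte, bool), valid func([]byte) bool) ([]byte, error) {
	for n := 1; n <= maxSignatures; n++ {
		url, err := SignatureURL(store, digest, n)
		if err != nil {
			return nil, err
		}
		sig, exists := fetch(url)
		if !exists {
			return nil, fmt.Errorf("no valid signature for %s in %s (checked %d)", digest, store, n-1)
		}
		if valid(sig) {
			return sig, nil
		}
	}
	return nil, fmt.Errorf("gave up after %d signatures in %s", maxSignatures, store)
}

func main() {
	// Constructed in-memory store: signature-1 is rejected, signature-2 is accepted.
	store := map[string][]byte{
		"https://example.test/sigs/sha256=0123abcd/signature-1": []byte("bad"),
		"https://example.test/sigs/sha256=0123abcd/signature-2": []byte("good"),
	}
	fetch := func(u string) ([]byte, bool) { b, ok := store[u]; return b, ok }
	valid := func(b []byte) bool { return string(b) == "good" }
	sig, err := FindSignature("https://example.test/sigs/", "sha256:0123abcd", fetch, valid)
	fmt.Println(string(sig), err) // good <nil>
}
```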
