Versions in this module Expand all Collapse all v1 v1.5.1 Mar 21, 2019 Changes in this version
+ const SBKeyTypeGPGKeys
+ const SBKeyTypeSignedByGPGKeys
+ const SBKeyTypeSignedByX509CAs
+ const SBKeyTypeX509Certificates
+ func SignDockerManifest(m []byte, dockerReference string, mech SigningMechanism, keyIdentity string) ([]byte, error)
+ type InvalidPolicyFormatError string
+ func (err InvalidPolicyFormatError) Error() string
+ type InvalidSignatureError struct
+ func (err InvalidSignatureError) Error() string
+ type Policy struct
+ Default PolicyRequirements
+ Transports map[string]PolicyTransportScopes
+ func DefaultPolicy(sys *types.SystemContext) (*Policy, error)
+ func NewPolicyFromBytes(data []byte) (*Policy, error)
+ func NewPolicyFromFile(fileName string) (*Policy, error)
+ func (p *Policy) UnmarshalJSON(data []byte) error
+ type PolicyContext struct
+ Policy *Policy
+ func NewPolicyContext(policy *Policy) (*PolicyContext, error)
+ func (pc *PolicyContext) Destroy() error
+ func (pc *PolicyContext) GetSignaturesWithAcceptedAuthor(ctx context.Context, image types.UnparsedImage) (sigs []*Signature, finalErr error)
+ func (pc *PolicyContext) IsRunningImageAllowed(ctx context.Context, image types.UnparsedImage) (res bool, finalErr error)
+ type PolicyReferenceMatch interface
+ func NewPRMExactReference(dockerReference string) (PolicyReferenceMatch, error)
+ func NewPRMExactRepository(dockerRepository string) (PolicyReferenceMatch, error)
+ func NewPRMMatchExact() PolicyReferenceMatch
+ func NewPRMMatchRepoDigestOrExact() PolicyReferenceMatch
+ func NewPRMMatchRepository() PolicyReferenceMatch
+ type PolicyRequirement interface
+ func NewPRInsecureAcceptAnything() PolicyRequirement
+ func NewPRReject() PolicyRequirement
+ func NewPRSignedBaseLayer(baseLayerIdentity PolicyReferenceMatch) (PolicyRequirement, error)
+ func NewPRSignedByKeyData(keyType sbKeyType, keyData []byte, signedIdentity PolicyReferenceMatch) (PolicyRequirement, error)
+ func NewPRSignedByKeyPath(keyType sbKeyType, keyPath string, signedIdentity PolicyReferenceMatch) (PolicyRequirement, error)
+ type PolicyRequirementError string
+ func (err PolicyRequirementError) Error() string
+ type PolicyRequirements []PolicyRequirement
+ func (m *PolicyRequirements) UnmarshalJSON(data []byte) error
+ type PolicyTransportScopes map[string]PolicyRequirements
+ func (m *PolicyTransportScopes) UnmarshalJSON(data []byte) error
+ type Signature struct
+ DockerManifestDigest digest.Digest
+ DockerReference string
+ func VerifyDockerManifestSignature(unverifiedSignature, unverifiedManifest []byte, expectedDockerReference string, ...) (*Signature, error)
+ type SigningMechanism interface
+ Close func() error
+ Sign func(input []byte, keyIdentity string) ([]byte, error)
+ SupportsSigning func() error
+ UntrustedSignatureContents func(untrustedSignature []byte) (untrustedContents []byte, shortKeyIdentifier string, err error)
+ Verify func(unverifiedSignature []byte) (contents []byte, keyIdentity string, err error)
+ func NewEphemeralGPGSigningMechanism(blob []byte) (SigningMechanism, []string, error)
+ func NewGPGSigningMechanism() (SigningMechanism, error)
+ type SigningNotSupportedError string
+ func (err SigningNotSupportedError) Error() string
+ type UntrustedSignatureInformation struct
+ UntrustedCreatorID *string
+ UntrustedDockerManifestDigest digest.Digest
+ UntrustedDockerReference string
+ UntrustedShortKeyIdentifier string
+ UntrustedTimestamp *time.Time
+ func GetUntrustedSignatureInformationWithoutVerifying(untrustedSignatureBytes []byte) (*UntrustedSignatureInformation, error)
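Review bot: The trust boundary of this API is visible here only through identifier names: going by those names, `GetUntrustedSignatureInformationWithoutVerifying`, the `Untrusted*` fields of `UntrustedSignatureInformation` and `SigningMechanism.UntrustedSignatureContents` return data parsed from a signature that has not been checked against any key, whereas `VerifyDockerManifestSignature`, `SigningMechanism.Verify` and `PolicyContext.IsRunningImageAllowed` are the verified paths. If the source does not already say so, a doc comment on the struct would make this explicit for callers, e.g. `// All fields are read from the signature without cryptographic verification; use them for diagnostics only, never for an allow/deny decision.` `NewPRInsecureAcceptAnything` warrants a similar comment, since a policy scope built from it presumably accepts images with no valid signature. The `...` in the `VerifyDockerManifestSignature` entry elides part of the parameter list, so the arguments that pin the expected signer are not shown on this page and should be checked against the full declaration.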