cli

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 25, 2021 License: Apache-2.0 Imports: 56 Imported by: 16

Documentation

Index

Constants

View Source
const (
	IntotoPayloadType = "application/vnd.in-toto+json"
	DssePayloadType   = "application/vnd.dsse.envelope.v1+json"
)
View Source
const (
	ExperimentalEnv = "COSIGN_EXPERIMENTAL"
)

Variables

View Source
var (
	// Output of "git describe". The prerequisite is that the branch should be
	// tagged using the correct versioning strategy.
	GitVersion = "devel"
)

Base version information.

This is the fallback data used when version information from git is not provided via go ldflags (e.g. via Makefile).

View Source
var (
	// Read is for fuzzing
	Read = readPasswordFn
)

Functions

func Attest added in v1.0.0

func Attest() *ffcli.Command

func AttestCmd added in v1.0.0

func AttestCmd(ctx context.Context, ko KeyOpts, imageRef string, certPath string,
	upload bool, predicatePath string, force bool, predicateType string) error

func Clean added in v0.5.0

func Clean() *ffcli.Command

func CleanCmd added in v0.5.0

func CleanCmd(ctx context.Context, imageRef string) error

func Copy added in v0.5.0

func Copy() *ffcli.Command

func CopyCmd added in v0.5.0

func CopyCmd(ctx context.Context, srcImg, dstImg string, sigOnly, force bool) error

func DefaultRegistryClientOpts added in v1.0.0

func DefaultRegistryClientOpts(ctx context.Context) []remote.Option

func Digest added in v1.0.0

func Digest(ctx context.Context, ref name.Reference) (v1.Hash, error)

Digest returns the digest of the image at the reference.

If the reference is by digest already, it simply extracts the digest. Otherwise, it looks up the digest from the registry.

func EnableExperimental added in v0.5.0

func EnableExperimental() bool

func Generate

func Generate() *ffcli.Command

func GenerateCmd

func GenerateCmd(_ context.Context, imageRef string, annotations map[string]interface{}, w io.Writer) error

func GenerateKeyPair

func GenerateKeyPair() *ffcli.Command

func GenerateKeyPairCmd

func GenerateKeyPairCmd(ctx context.Context, kmsVal string, args []string) error

func GetPass

func GetPass(confirm bool) ([]byte, error)

func GetPublicKey added in v0.2.0

func GetPublicKey(ctx context.Context, opts Pkopts, writer NamedWriter, pf cosign.PassFunc) error

func Init added in v1.1.0

func Init() *ffcli.Command

func LoadECDSAPrivateKey added in v1.0.1

func LoadECDSAPrivateKey(key []byte, pass []byte) (*signature.ECDSASignerVerifier, error)

func LoadPublicKey added in v1.0.0

func LoadPublicKey(ctx context.Context, keyRef string) (verifier signature.Verifier, err error)

func MungeCmd

func MungeCmd(ctx context.Context, imageRef string) error

func PrintVerification added in v0.5.0

func PrintVerification(imgRef string, verified []cosign.SignedPayload, co *cosign.CheckOpts, output string)

PrintVerification logs details about the verification to stdout

func PublicKey added in v0.2.0

func PublicKey() *ffcli.Command

func Sign

func Sign() *ffcli.Command

func SignBlob

func SignBlob() *ffcli.Command

func SignBlobCmd

func SignBlobCmd(ctx context.Context, ko KeyOpts, payloadPath string, b64 bool, output string) ([]byte, error)

func SignCmd

func SignCmd(ctx context.Context, ko KeyOpts, annotations map[string]interface{},
	imageRef string, certPath string, upload bool, payloadPath string, force bool, recursive bool) error

func TargetRepositoryForImage added in v0.6.0

func TargetRepositoryForImage(img name.Reference) (name.Repository, error)

func Triangulate

func Triangulate() *ffcli.Command

func Verify

func Verify() *ffcli.Command

Verify builds and returns an ffcli command

func VerifyAttestation added in v1.0.0

func VerifyAttestation() *ffcli.Command

Verify builds and returns an ffcli command

func VerifyBlob

func VerifyBlob() *ffcli.Command

func VerifyBlobCmd

func VerifyBlobCmd(ctx context.Context, ko KeyOpts, certRef, sigRef, blobRef string) error

func VerifyDockerfile added in v0.6.0

func VerifyDockerfile() *ffcli.Command

Verify builds and returns an ffcli command

func VerifyManifest added in v1.1.0

func VerifyManifest() *ffcli.Command

Verify builds and returns an ffcli command

func Version

func Version() *ffcli.Command

Types

type Info added in v0.3.0

type Info struct {
	GitVersion   string
	GitCommit    string
	GitTreeState string
	BuildDate    string
	GoVersion    string
	Compiler     string
	Platform     string
}

func VersionInfo

func VersionInfo() Info

func (*Info) JSONString added in v0.3.0

func (i *Info) JSONString() (string, error)

JSONString returns the JSON representation of the version info

func (*Info) String added in v0.3.0

func (i *Info) String() string

String returns the string representation of the version info

type KeyOpts added in v0.3.0

type KeyOpts struct {
	Sk               bool
	Slot             string
	KeyRef           string
	FulcioURL        string
	RekorURL         string
	IDToken          string
	PassFunc         cosign.PassFunc
	OIDCIssuer       string
	OIDCClientID     string
	OIDCClientSecret string
}

type KeyParseError

type KeyParseError struct{}

KeyParseError is an error returned when an incorrect set of key flags are parsed by the CLI

func (*KeyParseError) Error

func (e *KeyParseError) Error() string

type NamedWriter added in v0.3.0

type NamedWriter struct {
	Name string
	io.Writer
}

type Pkopts added in v0.3.0

type Pkopts struct {
	KeyRef string
	Sk     bool
	Slot   string
}

type VerifyAttestationCommand added in v1.0.0

type VerifyAttestationCommand struct {
	CheckClaims bool
	KeyRef      string
	Sk          bool
	Slot        string
	Output      string
	FulcioURL   string
	RekorURL    string
}

VerifyAttestationCommand verifies a signature on a supplied container image

func (*VerifyAttestationCommand) Exec added in v1.0.0

func (c *VerifyAttestationCommand) Exec(ctx context.Context, args []string) (err error)

Exec runs the verification command

type VerifyCommand added in v0.2.0

type VerifyCommand struct {
	CheckClaims bool
	KeyRef      string
	Sk          bool
	Slot        string
	Output      string
	RekorURL    string
	Annotations *map[string]interface{}
}

VerifyCommand verifies a signature on a supplied container image

func (*VerifyCommand) Exec added in v0.2.0

func (c *VerifyCommand) Exec(ctx context.Context, args []string) (err error)

Exec runs the verification command

type VerifyDockerfileCommand added in v0.6.0

type VerifyDockerfileCommand struct {
	VerifyCommand
	BaseOnly bool
}

VerifyCommand verifies a signature on a supplied container image

func (*VerifyDockerfileCommand) Exec added in v0.6.0

func (c *VerifyDockerfileCommand) Exec(ctx context.Context, args []string) error

Exec runs the verification command

type VerifyManifestCommand added in v1.1.0

type VerifyManifestCommand struct {
	VerifyCommand
}

VerifyCommand verifies all image signatures on a supplied k8s resource

func (*VerifyManifestCommand) Exec added in v1.1.0

func (c *VerifyManifestCommand) Exec(ctx context.Context, args []string) error

Exec runs the verification command

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL