cli

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 20, 2021 License: Apache-2.0 Imports: 54 Imported by: 17

Documentation

Index

Constants

View Source 
const (
	ExperimentalEnv = "COSIGN_EXPERIMENTAL"
)

Variables

View Source 
var (
	// Output of "git describe". The prerequisite is that the branch should be
	// tagged using the correct versioning strategy.
	GitVersion = "devel"
)

Base version information.

This is the fallback data used when version information from git is not provided via go ldflags (e.g. via Makefile).

View Source 
var (
	// Read is for fuzzing
	Read = readPasswordFn
)

Functions

func ApplyRegistryFlags added in v1.2.1 

func ApplyRegistryFlags(regOpts *RegistryOpts, fs *flag.FlagSet)

func ApplyVerifyFlags added in v1.2.0 

func ApplyVerifyFlags(cmd *VerifyCommand, flagset *flag.FlagSet)

func AttachedImageTag added in v1.2.1 

func AttachedImageTag(ref name.Reference, suffix string, remoteOpts ...remote.Option) (name.Tag, error)

func Attest added in v1.0.0 

func Attest() *ffcli.Command

func AttestCmd added in v1.0.0 

func AttestCmd(ctx context.Context, ko KeyOpts, regOpts RegistryOpts, imageRef string, certPath string,
	upload bool, predicatePath string, force bool, predicateType string) error

func Clean added in v0.5.0 

func Clean() *ffcli.Command

func CleanCmd added in v0.5.0 

func CleanCmd(ctx context.Context, regOpts RegistryOpts, imageRef string) error

func Copy added in v0.5.0 

func Copy() *ffcli.Command

func CopyCmd added in v0.5.0 

func CopyCmd(ctx context.Context, regOpts RegistryOpts, srcImg, dstImg string, sigOnly, force bool) error

func Digest added in v1.0.0 

func Digest(ref name.Reference, remoteOpts ...remote.Option) (v1.Hash, error)

Digest returns the digest of the image at the reference.

If the reference is by digest already, it simply extracts the digest. Otherwise, it looks up the digest from the registry.

func EnableExperimental added in v0.5.0 

func EnableExperimental() bool

func Generate 

func Generate() *ffcli.Command

func GenerateCmd 

func GenerateCmd(ctx context.Context, regOpts RegistryOpts, imageRef string, annotations map[string]interface{}, w io.Writer) error

func GenerateKeyPair 

func GenerateKeyPair() *ffcli.Command

func GenerateKeyPairCmd 

func GenerateKeyPairCmd(ctx context.Context, kmsVal string, args []string) error

func GetPass 

func GetPass(confirm bool) ([]byte, error)

func GetPublicKey added in v0.2.0 

func GetPublicKey(ctx context.Context, opts Pkopts, writer NamedWriter, pf cosign.PassFunc) error

func Init added in v1.1.0 

func Init() *ffcli.Command

func LoadPublicKey added in v1.0.0 

func LoadPublicKey(ctx context.Context, keyRef string) (verifier signature.Verifier, err error)

func MungeCmd 

func MungeCmd(ctx context.Context, regOpts RegistryOpts, imageRef string, attachmentType string) error

func PrintVerification added in v0.5.0 

func PrintVerification(imgRef string, verified []cosign.SignedPayload, output string)

PrintVerification logs details about the verification to stdout

func PrintVerificationHeader added in v1.2.0 

func PrintVerificationHeader(imgRef string, co *cosign.CheckOpts)

func PublicKey added in v0.2.0 

func PublicKey() *ffcli.Command

func Sign 

func Sign() *ffcli.Command

func SignBlob 

func SignBlob() *ffcli.Command

func SignBlobCmd 

func SignBlobCmd(ctx context.Context, ko KeyOpts, regOpts RegistryOpts, payloadPath string, b64 bool, output string) ([]byte, error)

func SignCmd 

func SignCmd(ctx context.Context, ko KeyOpts, regOpts RegistryOpts, annotations map[string]interface{},
	imgs []string, certPath string, upload bool, payloadPath string, force bool, recursive bool, attachment string) error

func TargetRepositoryForImage added in v0.6.0 

func TargetRepositoryForImage(img name.Reference) (name.Repository, error)

func Triangulate 

func Triangulate() *ffcli.Command

func Verify 

func Verify() *ffcli.Command

Verify builds and returns an ffcli command

func VerifyAttestation added in v1.0.0 

func VerifyAttestation() *ffcli.Command

Verify builds and returns an ffcli command

func VerifyBlob 

func VerifyBlob() *ffcli.Command

func VerifyBlobCmd 

func VerifyBlobCmd(ctx context.Context, ko KeyOpts, certRef, sigRef, blobRef string) error

func Version 

func Version() *ffcli.Command

Types

type Info added in v0.3.0 

type Info struct {
	GitVersion   string
	GitCommit    string
	GitTreeState string
	BuildDate    string
	GoVersion    string
	Compiler     string
	Platform     string
}

func VersionInfo 

func VersionInfo() Info

func (*Info) JSONString added in v0.3.0 

func (i *Info) JSONString() (string, error)

JSONString returns the JSON representation of the version info

func (*Info) String added in v0.3.0 

func (i *Info) String() string

String returns the string representation of the version info

type KeyOpts added in v0.3.0 

type KeyOpts struct {
	Sk               bool
	Slot             string
	KeyRef           string
	FulcioURL        string
	RekorURL         string
	IDToken          string
	PassFunc         cosign.PassFunc
	OIDCIssuer       string
	OIDCClientID     string
	OIDCClientSecret string
}

type KeyParseError 

type KeyParseError struct{}

KeyParseError is an error returned when an incorrect set of key flags are parsed by the CLI

func (*KeyParseError) Error 

func (e *KeyParseError) Error() string

type NamedWriter added in v0.3.0 

type NamedWriter struct {
	Name string
	io.Writer
}

type Pkopts added in v0.3.0 

type Pkopts struct {
	KeyRef string
	Sk     bool
	Slot   string
}

type RegistryOpts added in v1.2.1 

type RegistryOpts struct {
	AllowInsecure bool
}

func (*RegistryOpts) GetRegistryClientOpts added in v1.2.1 

func (co *RegistryOpts) GetRegistryClientOpts(ctx context.Context) []remote.Option

type VerifyAttestationCommand added in v1.0.0 

type VerifyAttestationCommand struct {
	RegistryOpts
	CheckClaims bool
	KeyRef      string
	Sk          bool
	Slot        string
	Output      string
	FulcioURL   string
	RekorURL    string
}

VerifyAttestationCommand verifies a signature on a supplied container image

func (*VerifyAttestationCommand) Exec added in v1.0.0 

func (c *VerifyAttestationCommand) Exec(ctx context.Context, args []string) (err error)

Exec runs the verification command

type VerifyCommand added in v0.2.0 

type VerifyCommand struct {
	RegistryOpts
	CheckClaims bool
	KeyRef      string
	CertEmail   string
	Sk          bool
	Slot        string
	Output      string
	RekorURL    string
	Attachment  string
	Annotations *map[string]interface{}
}

VerifyCommand verifies a signature on a supplied container image

func (*VerifyCommand) Exec added in v0.2.0 

func (c *VerifyCommand) Exec(ctx context.Context, args []string) (err error)

Exec runs the verification command

Source Files

View all Source files

Directories

Path Synopsis
fulcioroots
fulcioverifier

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.