kustomize

package

v0.5.4 Latest Latest Go to latest Published: Feb 5, 2024 License: Apache-2.0 Imports: 28 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/sigstore/k8s-manifest-sigstore

Links

Open Source Insights

Documentation ¶

Index ¶

func CmdExec(baseCmd, dir string, args ...string) (string, error)
func FileExists(fpath string) bool
func GenerateAttestation(provPath, privKeyPath string) (*dsse.Envelope, error)
func GenerateProvenance(artifactName, digest, kustomizeBase string, startTime, finishTime time.Time, ...) (*intoto.Statement, error)
func GetDigestOfArtifact(artifactPath string) (string, error)
func GetImageDigest(resBundleRef string) (string, error)
func GitExec(dir string, args ...string) (string, error)
func IsDir(name string) (bool, error)
func IsFile(name string) (bool, error)
func IsFileResource(path string) bool
func IsRepositoryResource(path string) bool
func KustomizeExec(dir string, args ...string) (string, error)
func OverwriteArtifactInProvenance(provPath, overwriteArtifact string) (string, error)
func Sha256Hash(fpath string) (string, error)
type FileInfo
type GitRepoResult
type IntotoSigner
- func (es *IntotoSigner) KeyID() (string, error)
- func (es *IntotoSigner) Public() crypto.PublicKey
- func (it *IntotoSigner) Sign(ctx context.Context, data []byte) ([]byte, error)
- func (it *IntotoSigner) Verify(ctx context.Context, data, sig []byte) error
type KustomizationResource
- func LoadKustomization(fpath, baseDir, gitURL, gitRevision string, inRemoteRepo bool) ([]*KustomizationResource, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateAttestation ¶

func GenerateAttestation(provPath, privKeyPath string) (*dsse.Envelope, error)

generate a rekor entry data by signing a specified provenance with private key the output data contains a base64 encoded provenance and its signature. it can be used in `rekor-cli upload --artifact xxxxx`.

func GenerateProvenance ¶

func GenerateProvenance(artifactName, digest, kustomizeBase string, startTime, finishTime time.Time, recipeCmd []string) (*intoto.Statement, error)

generate provenance data by checking kustomization.yaml and its sub resources all local files and remote repos are included in `materials` of a generated provenance

func GetDigestOfArtifact ¶

func GetDigestOfArtifact(artifactPath string) (string, error)

get a digest of artifact by checking artifact type when the artifact is local file --> sha256 file hash

is OCI image --> image digest

func GetImageDigest ¶

func GetImageDigest(resBundleRef string) (string, error)

returns image digest

func GitExec ¶

func GitExec(dir string, args ...string) (string, error)

execute git command

func IsDir ¶

func IsDir(name string) (bool, error)

returns if a filepath is pointing a directory or not

func IsFile ¶

func IsFile(name string) (bool, error)

returns if a filepath is pointing a file or not

func IsFileResource ¶

func IsFileResource(path string) bool

returns if a resource in kustomization.yaml is a local file/dir or not

func IsRepositoryResource ¶

func IsRepositoryResource(path string) bool

returns if a resource in kustomization.yaml is a git repo or not

func KustomizeExec ¶

func KustomizeExec(dir string, args ...string) (string, error)

execute kustomize command

func OverwriteArtifactInProvenance ¶

func OverwriteArtifactInProvenance(provPath, overwriteArtifact string) (string, error)

overwrite `subject` in provenance with a specified artifact

func Sha256Hash ¶

func Sha256Hash(fpath string) (string, error)

get a sha 256 hash for a file

Types ¶

type FileInfo ¶

type FileInfo struct {
	Name string
	Hash string
}

type GitRepoResult ¶

type GitRepoResult struct {
	RootDir  string
	URL      string
	Revision string
	CommitID string
	Path     string
}

type IntotoSigner ¶

type IntotoSigner struct {
	// contains filtered or unexported fields
}

func (*IntotoSigner) KeyID ¶ added in v0.2.0

func (es *IntotoSigner) KeyID() (string, error)

func (*IntotoSigner) Public ¶ added in v0.2.0

func (es *IntotoSigner) Public() crypto.PublicKey

func (*IntotoSigner) Sign ¶

func (it *IntotoSigner) Sign(ctx context.Context, data []byte) ([]byte, error)

sign a provenance data

func (*IntotoSigner) Verify ¶

func (it *IntotoSigner) Verify(ctx context.Context, data, sig []byte) error

sverify a provenance data and its signature

type KustomizationResource ¶

type KustomizationResource struct {
	GitRepo *GitRepoResult
	File    *FileInfo
}

func LoadKustomization ¶

func LoadKustomization(fpath, baseDir, gitURL, gitRevision string, inRemoteRepo bool) ([]*KustomizationResource, error)

it loads a kustomization.yaml in a specified base dir and its resources and bases even in remote repository. then it returns a list of resources that have file hash info for files and commit digest info for remote repos.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL