repo

package
v0.7.16 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 6, 2024 License: Apache-2.0 Imports: 27 Imported by: 1

Documentation

Index

Constants

View Source
const (
	FulcioTarget  = "Fulcio"
	RekorTarget   = "Rekor"
	CTFETarget    = "CTFE"
	TSATarget     = "TSA"
	UnknownTarget = "Unknown"
)

Variables

This section is empty.

Functions

func CompressFS added in v0.4.12

func CompressFS(fsys fs.FS, buf io.Writer, skipDirs map[string]bool) error

CompressFS archives a TUF repository so that it can be written to Secret for later use.

func CreateRepo

func CreateRepo(ctx context.Context, files map[string][]byte) (tuf.LocalStore, string, error)

CreateRepo calls CreateRepoWithOptions, while setting: * CreateRepoOptions.AddMetadataTargets: true * CreateRepoOptions.AddTrustedRoot: false

func CreateRepoWithMetadata added in v0.4.13

func CreateRepoWithMetadata(ctx context.Context, targets []TargetWithMetadata) (tuf.LocalStore, string, error)

CreateRepoWithMetadata will create a TUF repo for Sigstore by adding targets to the Root with custom metadata.

func CreateRepoWithOptions added in v0.7.8

func CreateRepoWithOptions(ctx context.Context, files map[string][]byte, options CreateRepoOptions) (tuf.LocalStore, string, error)

CreateRepoWithOptions creates and initializes a TUF repo for Sigstore by adding keys to bytes. keys are typically for a basic setup like: "fulcio_v1.crt.pem" - Fulcio root cert in PEM format "ctfe.pub" - CTLog public key in PEM format "rekor.pub" - Rekor public key in PEM format "tsa_leaf.crt.pem" - TSA leaf certificate in PEM format "tsa_intermediate_0.crt.pem" - TSA Intermediate certificate in PEM format "tsa_root.crt.pem" - TSA Intermediate certificate in PEM format but additional keys can be added here.

This will also deduce the Usage for the keys based off the filename: if the filename contains:

  • `fulcio` = it will get Usage set to `Fulcio`
  • `ctfe` = it will get Usage set to `CTFE`
  • `rekor` = it will get Usage set to `Rekor`
  • `tsa` = it will get Usage set to `tsa`.
  • Anything else will get set to `Unknown`

The targets will be added individually to the TUF repo if CreateRepoOptions.AddMetadataTargets is set to true. The trusted_root.json file will be added if CreateRepoOptions.AddTrustedRoot is set to true. At least one of these has to be true.

func Uncompress added in v0.4.12

func Uncompress(src io.Reader, dst string) error

Uncompress takes a TUF repository that's been compressed with Compress and writes to dst directory.

Types

type CreateRepoOptions added in v0.7.8

type CreateRepoOptions struct {
	AddMetadataTargets bool
	AddTrustedRoot     bool
}

type CustomMetadata added in v0.4.13

type CustomMetadata struct {
	Usage  string `json:"usage"`
	Status string `json:"status"`
	URI    string `json:"uri"`
}

type TargetWithMetadata added in v0.4.13

type TargetWithMetadata struct {
	Name           string
	Bytes          []byte
	CustomMetadata []byte
}

TargetWithMetadata describes a TUF target with the given Name, Bytes, and CustomMetadata

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL