Documentation
Index
- Constants
- func CompressFS(fsys fs.FS, buf io.Writer, skipDirs map[string]bool) error
- func CreateRepo(ctx context.Context, files map[string][]byte) (tuf.LocalStore, string, error)
- func CreateRepoWithMetadata(ctx context.Context, targets []TargetWithMetadata) (tuf.LocalStore, string, error)
- func CreateRepoWithOptions(ctx context.Context, files map[string][]byte, options CreateRepoOptions) (tuf.LocalStore, string, error)
- func Uncompress(src io.Reader, dst string) error
- type CreateRepoOptions
- type CustomMetadata
- type TargetWithMetadata
Constants
```go
const (
	FulcioTarget  = "Fulcio"
	RekorTarget   = "Rekor"
	CTFETarget    = "CTFE"
	TSATarget     = "TSA"
	UnknownTarget = "Unknown"
)
```
Variables
This section is empty.
Functions
func CompressFS (added in v0.4.12)
CompressFS archives a TUF repository so that it can be written to a Secret for later use.
func CreateRepo
CreateRepo calls CreateRepoWithOptions, while setting:
- CreateRepoOptions.AddMetadataTargets: true
- CreateRepoOptions.AddTrustedRoot: false
func CreateRepoWithMetadata (added in v0.4.13)
func CreateRepoWithMetadata(ctx context.Context, targets []TargetWithMetadata) (tuf.LocalStore, string, error)
CreateRepoWithMetadata will create a TUF repo for Sigstore by adding targets to the Root with custom metadata.
func CreateRepoWithOptions (added in v0.7.8)
func CreateRepoWithOptions(ctx context.Context, files map[string][]byte, options CreateRepoOptions) (tuf.LocalStore, string, error)
CreateRepoWithOptions creates and initializes a TUF repo for Sigstore from `files`, a map of keys to bytes. For a basic setup the keys are typically:
- "fulcio_v1.crt.pem" - Fulcio root cert in PEM format
- "ctfe.pub" - CTLog public key in PEM format
- "rekor.pub" - Rekor public key in PEM format
- "tsa_leaf.crt.pem" - TSA leaf certificate in PEM format
- "tsa_intermediate_0.crt.pem" - TSA Intermediate certificate in PEM format
- "tsa_root.crt.pem" - TSA Intermediate certificate in PEM format

Additional keys can be added as well.
This will also deduce the Usage for the keys based on the filename. If the filename contains:
- `fulcio` = it will get Usage set to `Fulcio`
- `ctfe` = it will get Usage set to `CTFE`
- `rekor` = it will get Usage set to `Rekor`
- `tsa` = it will get Usage set to `tsa`.
- Anything else will get set to `Unknown`
The targets will be added individually to the TUF repo if CreateRepoOptions.AddMetadataTargets is set to true. The trusted_root.json file will be added if CreateRepoOptions.AddTrustedRoot is set to true. At least one of these has to be true.
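The filename rule and the option constraint described above can be checked before a repo is built. The following is an added example, not code from this package: `Preflight`, `usageFor` and `samplePEM` are hypothetical names, the match is assumed to be a case-sensitive substring test where the first hit in the list order wins, and the returned usage strings are the package constants shown on this page.

```go
package main

import (
	"encoding/pem"
	"fmt"
	"strings"
)

// Usage values copied from the Constants section of this page.
const (
	FulcioTarget  = "Fulcio"
	RekorTarget   = "Rekor"
	CTFETarget    = "CTFE"
	TSATarget     = "TSA"
	UnknownTarget = "Unknown"
)

// samplePEM is constructed placeholder data in PEM framing, not a real key.
var samplePEM = pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: []byte("constructed")})

// usageFor (hypothetical): assumed case-sensitive substring match, first hit in page list order.
func usageFor(name string) string {
	for _, t := range []string{FulcioTarget, CTFETarget, RekorTarget, TSATarget} {
		if strings.Contains(name, strings.ToLower(t)) {
			return t
		}
	}
	return UnknownTarget
}

// Preflight (hypothetical): option rule, PEM framing per file, then the usage per filename.
func Preflight(files map[string][]byte, addTargets, addRoot bool) (map[string]string, error) {
	if !addTargets && !addRoot {
		return nil, fmt.Errorf("AddMetadataTargets or AddTrustedRoot must be true")
	}
	usages := make(map[string]string, len(files))
	for name, data := range files {
		if blk, _ := pem.Decode(data); blk == nil {
			return nil, fmt.Errorf("%s: no PEM block found", name)
		}
		usages[name] = usageFor(name)
	}
	return usages, nil
}

func main() {
	files := map[string][]byte{"rekor.pub": samplePEM, "ctfe.pub": samplePEM, "corp-ca.pem": samplePEM}
	fmt.Println(Preflight(files, true, false))
}
```

A file that comes back as `Unknown` (here `corp-ca.pem`) is worth reviewing before publishing, since its role in the trust root will not be inferred from its name.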
Types
type CreateRepoOptions (added in v0.7.8)
type CustomMetadata (added in v0.4.13)
type TargetWithMetadata (added in v0.4.13)
TargetWithMetadata describes a TUF target with the given Name, Bytes, and CustomMetadata