Documentation
¶
Index ¶
- func PredicateType() string
- type AttestationCreationOption
- type AttestationVerificationOption
- type AttestationVerifier
- type AttestationVerifierPublishOptions
- type Creation
- type Policy
- type PolicyEvaluationResult
- type PolicyOption
- type PolicyValidator
- type ValidationEnvironment
- type ValidationPackage
- type Verification
- type VerificationOption
Functions ¶
Types ¶
type AttestationCreationOption ¶
func EnterSafeMode ¶
func EnterSafeMode() AttestationCreationOption
type AttestationVerificationOption ¶
// AttestationVerificationOption defines the configuration to verify publish attestations.
// It is the type of the opts parameter of Policy.Evaluate.
type AttestationVerificationOption struct {
	// Verifier is the AttestationVerifier carried by this option.
	// NOTE(review): this page does not show how a nil Verifier is handled;
	// confirm before passing the zero value of this struct.
	Verifier AttestationVerifier
}
AttestationVerificationOption defines the configuration to verify publish attestations.
type AttestationVerifier ¶
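// AttestationVerifier defines an interface to verify attestations.
type AttestationVerifier interface {
	// Publish attestation verification. The string returned contains the
	// value of the environment, if present.
	//
	// NOTE(review): the result is a *string, so presumably a nil pointer
	// means "no environment" — confirm with the implementation, and check
	// the returned error before dereferencing the pointer.
	VerifyPublishAttestation(digests intoto.DigestSet, packageURI string, environment []string, opts AttestationVerifierPublishOptions) (*string, error)
}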
AttestationVerifier defines an interface to verify attestations.
type AttestationVerifierPublishOptions ¶
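// AttestationVerifierPublishOptions defines options for verifying a publish attestation.
type AttestationVerifierPublishOptions struct {
	// One of PublishrID or PublishrIDRegex must be set.
	//
	// NOTE(review): when PublishrIDRegex is used, confirm whether the
	// verifier anchors the pattern; an unanchored pattern can accept more
	// identities than the policy author intended.
	PublishrID, PublishrIDRegex string
	// BuildLevel is the build level handed to the verifier.
	// NOTE(review): whether it is matched exactly or treated as a minimum is
	// not visible on this page — confirm.
	BuildLevel int
}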
AttestationVerifierPublishOptions defines options for verifying a publish attestation.
type Creation ¶
// Creation is the type returned by PolicyEvaluationResult.AttestationNew.
type Creation struct {
	// contains filtered or unexported fields
}
func CreationNew ¶
func (*Creation) PredicateType ¶
Utility functions needed by cosign APIs.
type Policy ¶
// Policy defines the deployment policy. It is created by PolicyNew and
// evaluated with its Evaluate method.
type Policy struct {
	// contains filtered or unexported fields
}
Policy defines the deployment policy.
func PolicyNew ¶
func PolicyNew(org io.ReadCloser, projects iterator.NamedReadCloserIterator, opts ...PolicyOption) (*Policy, error)
PolicyNew creates a deployment policy.
func (*Policy) Evaluate ¶
func (p *Policy) Evaluate(digests intoto.DigestSet, policyPackageName string, policyID string, opts AttestationVerificationOption) PolicyEvaluationResult
Evaluate evaluates the deployment policy.
type PolicyEvaluationResult ¶
// PolicyEvaluationResult defines the result of policy evaluation. It is the
// return type of Policy.Evaluate and exposes Error and AttestationNew.
// NOTE(review): Evaluate returns no separate error value, so callers
// presumably need to check Error() before trusting the result — confirm.
type PolicyEvaluationResult struct {
	// contains filtered or unexported fields
}
PolicyEvaluationResult defines the result of policy evaluation.
func (PolicyEvaluationResult) AttestationNew ¶
func (r PolicyEvaluationResult) AttestationNew(options ...AttestationCreationOption) (*Creation, error)
AttestationNew creates a deployment attestation.
func (PolicyEvaluationResult) Error ¶
func (r PolicyEvaluationResult) Error() error
type PolicyOption ¶
PolicyOption defines a policy option.
func SetValidator ¶
func SetValidator(validator PolicyValidator) PolicyOption
SetValidator sets a custom validator.
type PolicyValidator ¶
// PolicyValidator defines an interface to validate certain fields in the policy.
// A custom implementation is installed with SetValidator.
type PolicyValidator interface {
	// ValidatePackage receives the package information to validate.
	// NOTE(review): a non-nil error presumably rejects the policy — confirm
	// how the caller treats the returned error.
	ValidatePackage(pkg ValidationPackage) error
}
PolicyValidator defines an interface to validate certain fields in the policy.
type ValidationEnvironment ¶
// ValidationEnvironment defines the structure containing the policy environment to validate.
type ValidationEnvironment struct {
	// AnyOf holds the environment values to validate.
	// NOTE(review): the name suggests any one listed value is acceptable;
	// the meaning of an empty list is not shown on this page — confirm.
	AnyOf []string
}
ValidationEnvironment defines the structure containing the policy environment to validate.
type ValidationPackage ¶
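// ValidationPackage defines the structure holding package information to be
// validated. It is the argument type of PolicyValidator.ValidatePackage.
type ValidationPackage struct {
	// Name is the package name to validate.
	Name string
	// Environment is the package's policy environment to validate.
	Environment ValidationEnvironment
}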
ValidationPackage defines the structure holding package information to be validated.
type Verification ¶
// Verification is created by VerificationNew from an io.ReadCloser. Its
// Verify method takes a digest set, a scopes map and options, and returns
// an error.
type Verification struct {
	// contains filtered or unexported fields
}
func VerificationNew ¶
func VerificationNew(reader io.ReadCloser) (*Verification, error)
func (*Verification) Verify ¶
func (v *Verification) Verify(digests intoto.DigestSet, scopes map[string]string, options ...VerificationOption) error
type VerificationOption ¶
// VerificationOption is a function that receives a *Verification and may
// return an error. Verification.Verify accepts a variadic list of them.
type VerificationOption func(*Verification) error