Documentation
¶
Index ¶
- func VerifyArtifact(ctx context.Context, provenance []byte, artifactHash string, ...) ([]byte, *utils.TrustedBuilderID, error)
- func VerifyImage(ctx context.Context, artifactImage string, provenance []byte, ...) ([]byte, *utils.TrustedBuilderID, error)
- func VerifyNpmPackage(ctx context.Context, attestations []byte, tarballHash string, ...) ([]byte, *utils.TrustedBuilderID, error)
- func VerifyVSA(ctx context.Context, attestation []byte, vsaOpts *options.VSAOpts, ...) ([]byte, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func VerifyArtifact ¶
func VerifyArtifact(ctx context.Context, provenance []byte, artifactHash string, provenanceOpts *options.ProvenanceOpts, builderOpts *options.BuilderOpts, ) ([]byte, *utils.TrustedBuilderID, error)
func VerifyImage ¶
func VerifyImage(ctx context.Context, artifactImage string, provenance []byte, provenanceOpts *options.ProvenanceOpts, builderOpts *options.BuilderOpts, ) ([]byte, *utils.TrustedBuilderID, error)
func VerifyNpmPackage ¶ added in v2.1.0
func VerifyNpmPackage(ctx context.Context, attestations []byte, tarballHash string, provenanceOpts *options.ProvenanceOpts, builderOpts *options.BuilderOpts, ) ([]byte, *utils.TrustedBuilderID, error)
func VerifyVSA ¶ added in v2.6.0
func VerifyVSA(ctx context.Context, attestation []byte, vsaOpts *options.VSAOpts, verificationOpts *options.VerificationOpts, ) ([]byte, error)
VerifyVSA verifies the VSA attestation. It returns the attestation base64-decoded from the envelope. We don't return a TrustedBuilderID. Instead, the user can user can parse the builderID separately, perhaps with https://pkg.go.dev/golang.org/x/mod/semver
Types ¶
This section is empty.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.