Documentation
¶
Index ¶
- func DecodeSignature(s string) ([]byte, error)
- func ParseBuilderID(id string, needVersion bool) (string, string, error)
- func PayloadFromEnvelope(env *dsselib.Envelope) ([]byte, error)
- func TagFromGitHubRef(ref string) (string, error)
- func ValidateGitHubTagRef(tag string) error
- func VerifyVersionedTag(provenanceTag, expectedTag string) error
- type TrustedBuilderID
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecodeSignature ¶ added in v2.1.0
func PayloadFromEnvelope ¶ added in v2.1.0
func TagFromGitHubRef ¶
func ValidateGitHubTagRef ¶
func VerifyVersionedTag ¶ added in v2.2.0
Types ¶
type TrustedBuilderID ¶
type TrustedBuilderID struct {
// contains filtered or unexported fields
}
func TrustedBuilderIDNew ¶
func TrustedBuilderIDNew(builderID string, needVersion bool) (*TrustedBuilderID, error)
TrustedBuilderIDNew creates a new BuilderID structure.
func (*TrustedBuilderID) MatchesFull ¶ added in v2.3.0
func (b *TrustedBuilderID) MatchesFull(builderID string, allowRef bool) error
Matches matches the builderID string against the reference builderID. Both the name and versions are always verified.
func (*TrustedBuilderID) MatchesLoose ¶ added in v2.3.0
func (b *TrustedBuilderID) MatchesLoose(builderID string, allowRef bool) error
Matches matches the builderID string against the reference builderID. If the builderID contains a semver, the full builderID must match. Otherwise, only the name needs to match. `allowRef: true` indicates that the matching need not be an eaxct match. In this case, if the BuilderID version is a GitHub ref `refs/tags/name`, we will consider it equal to user-provided builderID `name`.
func (*TrustedBuilderID) Name ¶
func (b *TrustedBuilderID) Name() string
func (*TrustedBuilderID) String ¶
func (b *TrustedBuilderID) String() string
func (*TrustedBuilderID) Version ¶
func (b *TrustedBuilderID) Version() string
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.