Documentation ¶
Overview ¶
Package config defines the configuration used by the chains controller to guide what it does.
Index ¶
- Constants
- func ToContext(ctx context.Context, c *Config) context.Context
- type Artifact
- type ArtifactConfigs
- type BuildDefinitionConfig
- type BuilderConfig
- type Config
- type ConfigStore
- type DocDBStorageConfig
- type GCSStorageConfig
- type GrafeasConfig
- type KMSAuth
- type KMSAuthOIDC
- type KMSAuthSpire
- type KMSSigner
- type KafkaStorageConfig
- type OCIStorageConfig
- type PayloadType
- type PubSubStorageConfig
- type SignerConfigs
- type StorageConfigs
- type StorageOpts
- type TektonStorageConfig
- type TransparencyConfig
- type X509Signer
Constants ¶
const (
ChainsConfig = "chains-config"
)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Artifact ¶
type Artifact struct { Format string StorageBackend sets.Set[string] Signer string DeepInspectionEnabled bool }
Artifact contains the configuration for how to sign/store/format the signatures for a single artifact
func (*Artifact) DeepCopy ¶ added in v0.3.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.
func (*Artifact) DeepCopyInto ¶ added in v0.3.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ArtifactConfigs ¶
ArtifactConfigs contains the configuration for how to sign/store/format the signatures for each artifact type
func (*ArtifactConfigs) DeepCopy ¶ added in v0.3.0
func (in *ArtifactConfigs) DeepCopy() *ArtifactConfigs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArtifactConfigs.
func (*ArtifactConfigs) DeepCopyInto ¶ added in v0.3.0
func (in *ArtifactConfigs) DeepCopyInto(out *ArtifactConfigs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BuildDefinitionConfig ¶ added in v0.18.0
type BuildDefinitionConfig struct {
BuildType string
}
type BuilderConfig ¶ added in v0.2.0
type BuilderConfig struct {
ID string
}
func (*BuilderConfig) DeepCopy ¶ added in v0.3.0
func (in *BuilderConfig) DeepCopy() *BuilderConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuilderConfig.
func (*BuilderConfig) DeepCopyInto ¶ added in v0.3.0
func (in *BuilderConfig) DeepCopyInto(out *BuilderConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Config ¶
type Config struct { Artifacts ArtifactConfigs Storage StorageConfigs Signers SignerConfigs Builder BuilderConfig Transparency TransparencyConfig BuildDefinition BuildDefinitionConfig }
func FromContext ¶ added in v0.3.0
FromContext fetch config from context.
func NewConfigFromConfigMap ¶ added in v0.3.0
NewConfigFromConfigMap creates a Config from the supplied ConfigMap
func NewConfigFromMap ¶ added in v0.3.0
NewConfigFromMap creates a Config from the supplied map
func (*Config) DeepCopy ¶ added in v0.3.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Config.
func (*Config) DeepCopyInto ¶ added in v0.3.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConfigStore ¶
type ConfigStore struct {
*configmap.UntypedStore
}
ConfigStore is the configuration from a ConfigMap +k8s:deepcopy-gen=false
func NewConfigStore ¶
func NewConfigStore(logger configmap.Logger, onAfterStore ...func(name string, value interface{})) *ConfigStore
NewConfigStore returns a reconciler.ConfigStore for the chains configuration data.
func (*ConfigStore) Load ¶ added in v0.3.0
func (s *ConfigStore) Load() *Config
Load fetches config from Store.
type DocDBStorageConfig ¶
type DocDBStorageConfig struct {
URL string
}
func (*DocDBStorageConfig) DeepCopy ¶ added in v0.3.0
func (in *DocDBStorageConfig) DeepCopy() *DocDBStorageConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DocDBStorageConfig.
func (*DocDBStorageConfig) DeepCopyInto ¶ added in v0.3.0
func (in *DocDBStorageConfig) DeepCopyInto(out *DocDBStorageConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GCSStorageConfig ¶
type GCSStorageConfig struct {
Bucket string
}
func (*GCSStorageConfig) DeepCopy ¶ added in v0.3.0
func (in *GCSStorageConfig) DeepCopy() *GCSStorageConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCSStorageConfig.
func (*GCSStorageConfig) DeepCopyInto ¶ added in v0.3.0
func (in *GCSStorageConfig) DeepCopyInto(out *GCSStorageConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GrafeasConfig ¶ added in v0.9.0
type KMSAuth ¶ added in v0.9.0
type KMSAuth struct { Address string Token string OIDC KMSAuthOIDC Spire KMSAuthSpire }
KMSAuth configures authentication to the KMS server
type KMSAuthOIDC ¶ added in v0.9.0
KMSAuthOIDC configures settings to authenticate with OIDC
type KMSAuthSpire ¶ added in v0.9.0
KMSAuthSpire configures settings to get an auth token from spire
type KMSSigner ¶
func (*KMSSigner) DeepCopy ¶ added in v0.3.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSSigner.
func (*KMSSigner) DeepCopyInto ¶ added in v0.3.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KafkaStorageConfig ¶ added in v0.9.0
type KafkaStorageConfig struct {
BootstrapServers string
}
type OCIStorageConfig ¶
func (*OCIStorageConfig) DeepCopy ¶ added in v0.3.0
func (in *OCIStorageConfig) DeepCopy() *OCIStorageConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIStorageConfig.
func (*OCIStorageConfig) DeepCopyInto ¶ added in v0.3.0
func (in *OCIStorageConfig) DeepCopyInto(out *OCIStorageConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PayloadType ¶ added in v0.14.0
type PayloadType string
PayloadType specifies the format to store payload in. - For OCI artifact, Chains only supports `simplesigning` format. https://www.redhat.com/en/blog/container-image-signing - For Tekton artifacts, Chains supports `tekton` and `in-toto` format. https://slsa.dev/provenance/v0.2
type PubSubStorageConfig ¶ added in v0.9.0
type PubSubStorageConfig struct { Provider string Topic string Kafka KafkaStorageConfig }
type SignerConfigs ¶
type SignerConfigs struct { X509 X509Signer KMS KMSSigner }
SignerConfigs contains the configuration to instantiate different signers
func (*SignerConfigs) DeepCopy ¶ added in v0.3.0
func (in *SignerConfigs) DeepCopy() *SignerConfigs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SignerConfigs.
func (*SignerConfigs) DeepCopyInto ¶ added in v0.3.0
func (in *SignerConfigs) DeepCopyInto(out *SignerConfigs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type StorageConfigs ¶
type StorageConfigs struct { GCS GCSStorageConfig OCI OCIStorageConfig Tekton TektonStorageConfig DocDB DocDBStorageConfig Grafeas GrafeasConfig PubSub PubSubStorageConfig }
StorageConfigs contains the configuration to instantiate different storage providers
func (*StorageConfigs) DeepCopy ¶ added in v0.3.0
func (in *StorageConfigs) DeepCopy() *StorageConfigs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageConfigs.
func (*StorageConfigs) DeepCopyInto ¶ added in v0.3.0
func (in *StorageConfigs) DeepCopyInto(out *StorageConfigs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type StorageOpts ¶ added in v0.3.0
type StorageOpts struct { // FullKey stands for the identifier of an artifact. // - For OCI artifact, it is the full representation in the format of `<NAME>@sha256:<DIGEST>`. // - For TaskRun/PipelineRun artifact, it is `<GROUP>-<VERSION>-<KIND>-<UID>` FullKey string // ShortKey is the short version of an artifact identifier. This is useful for annotation based storage // because annotation key has limitations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set). // - For OCI artifact, it is first 12 chars of the image digest. // - For TaskRun/PipelineRun artifact, it is `<KIND>-<UID>`. ShortKey string // Cert is an OPTIONAL property that contains a PEM-encoded x509 certificate. // If present, this certificate MUST embed the public key that can be used to verify the signature. // https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md Cert string // Chain string is an OPTIONAL property that contains a PEM-encoded, DER-formatted, ASN.1 x509 certificate chain. // The certificate property MUST be present if this property is present. // This chain MAY be used by implementations to verify the certificate property. // https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md Chain string // PayloadFormat is the format to store payload in. PayloadFormat PayloadType }
StorageOpts contains additional information required when storing signatures
func (*StorageOpts) DeepCopy ¶ added in v0.3.0
func (in *StorageOpts) DeepCopy() *StorageOpts
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageOpts.
func (*StorageOpts) DeepCopyInto ¶ added in v0.3.0
func (in *StorageOpts) DeepCopyInto(out *StorageOpts)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TektonStorageConfig ¶
type TektonStorageConfig struct { }
func (*TektonStorageConfig) DeepCopy ¶ added in v0.3.0
func (in *TektonStorageConfig) DeepCopy() *TektonStorageConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TektonStorageConfig.
func (*TektonStorageConfig) DeepCopyInto ¶ added in v0.3.0
func (in *TektonStorageConfig) DeepCopyInto(out *TektonStorageConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TransparencyConfig ¶ added in v0.3.0
func (*TransparencyConfig) DeepCopy ¶ added in v0.3.0
func (in *TransparencyConfig) DeepCopy() *TransparencyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransparencyConfig.
func (*TransparencyConfig) DeepCopyInto ¶ added in v0.3.0
func (in *TransparencyConfig) DeepCopyInto(out *TransparencyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type X509Signer ¶
type X509Signer struct { FulcioEnabled bool FulcioAddr string FulcioOIDCIssuer string FulcioProvider string IdentityTokenFile string TUFMirrorURL string }
func (*X509Signer) DeepCopy ¶ added in v0.3.0
func (in *X509Signer) DeepCopy() *X509Signer
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Signer.
func (*X509Signer) DeepCopyInto ¶ added in v0.3.0
func (in *X509Signer) DeepCopyInto(out *X509Signer)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.