config

package
v0.18.0 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 18, 2023 License: Apache-2.0 Imports: 9 Imported by: 1

Documentation

Overview

Package config defines the configuration used by the chains controller to guide what it does.

Constants

const (
	ChainsConfig = "chains-config"
)

Variables

This section is empty.

Functions

func ToContext added in v0.3.0

func ToContext(ctx context.Context, c *Config) context.Context

ToContext adds the config to the given context.

Types

type Artifact

type Artifact struct {
	Format                string
	StorageBackend        sets.Set[string]
	Signer                string
	DeepInspectionEnabled bool
}

Artifact contains the configuration for how to sign/store/format the signatures for a single artifact

func (*Artifact) DeepCopy added in v0.3.0

func (in *Artifact) DeepCopy() *Artifact

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.

func (*Artifact) DeepCopyInto added in v0.3.0

func (in *Artifact) DeepCopyInto(out *Artifact)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Artifact) Enabled added in v0.7.0

func (artifact *Artifact) Enabled() bool

type ArtifactConfigs

type ArtifactConfigs struct {
	OCI          Artifact
	PipelineRuns Artifact
	TaskRuns     Artifact
}

ArtifactConfigs contains the configuration for how to sign/store/format the signatures for each artifact type

func (*ArtifactConfigs) DeepCopy added in v0.3.0

func (in *ArtifactConfigs) DeepCopy() *ArtifactConfigs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArtifactConfigs.

func (*ArtifactConfigs) DeepCopyInto added in v0.3.0

func (in *ArtifactConfigs) DeepCopyInto(out *ArtifactConfigs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BuildDefinitionConfig added in v0.18.0

type BuildDefinitionConfig struct {
	BuildType string
}

type BuilderConfig added in v0.2.0

type BuilderConfig struct {
	ID string
}

func (*BuilderConfig) DeepCopy added in v0.3.0

func (in *BuilderConfig) DeepCopy() *BuilderConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuilderConfig.

func (*BuilderConfig) DeepCopyInto added in v0.3.0

func (in *BuilderConfig) DeepCopyInto(out *BuilderConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Config

type Config struct {
	Artifacts       ArtifactConfigs
	Storage         StorageConfigs
	Signers         SignerConfigs
	Builder         BuilderConfig
	Transparency    TransparencyConfig
	BuildDefinition BuildDefinitionConfig
}

func FromContext added in v0.3.0

func FromContext(ctx context.Context) *Config

FromContext fetches the config from the context.

func NewConfigFromConfigMap added in v0.3.0

func NewConfigFromConfigMap(configMap *corev1.ConfigMap) (*Config, error)

NewConfigFromConfigMap creates a Config from the supplied ConfigMap

func NewConfigFromMap added in v0.3.0

func NewConfigFromMap(data map[string]string) (*Config, error)

NewConfigFromMap creates a Config from the supplied map

func (*Config) DeepCopy added in v0.3.0

func (in *Config) DeepCopy() *Config

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Config.

func (*Config) DeepCopyInto added in v0.3.0

func (in *Config) DeepCopyInto(out *Config)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigStore

type ConfigStore struct {
	*configmap.UntypedStore
}

ConfigStore is the configuration from a ConfigMap.

+k8s:deepcopy-gen=false

func NewConfigStore

func NewConfigStore(logger configmap.Logger, onAfterStore ...func(name string, value interface{})) *ConfigStore

NewConfigStore returns a reconciler.ConfigStore for the chains configuration data.

func (*ConfigStore) Load added in v0.3.0

func (s *ConfigStore) Load() *Config

Load fetches config from Store.

func (*ConfigStore) ToContext added in v0.3.0

func (s *ConfigStore) ToContext(ctx context.Context) context.Context

ToContext adds Store contents to given context.

type DocDBStorageConfig

type DocDBStorageConfig struct {
	URL string
}

func (*DocDBStorageConfig) DeepCopy added in v0.3.0

func (in *DocDBStorageConfig) DeepCopy() *DocDBStorageConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DocDBStorageConfig.

func (*DocDBStorageConfig) DeepCopyInto added in v0.3.0

func (in *DocDBStorageConfig) DeepCopyInto(out *DocDBStorageConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCSStorageConfig

type GCSStorageConfig struct {
	Bucket string
}

func (*GCSStorageConfig) DeepCopy added in v0.3.0

func (in *GCSStorageConfig) DeepCopy() *GCSStorageConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCSStorageConfig.

func (*GCSStorageConfig) DeepCopyInto added in v0.3.0

func (in *GCSStorageConfig) DeepCopyInto(out *GCSStorageConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrafeasConfig added in v0.9.0

type GrafeasConfig struct {
	// project id that is used to store notes and occurrences
	ProjectID string
	// note id used to create a note that an occurrence will be attached to
	NoteID string

	// NoteHint is used to set the attestation note
	NoteHint string
}

type KMSAuth added in v0.9.0

type KMSAuth struct {
	Address string
	Token   string
	OIDC    KMSAuthOIDC
	Spire   KMSAuthSpire
}

KMSAuth configures authentication to the KMS server

type KMSAuthOIDC added in v0.9.0

type KMSAuthOIDC struct {
	Path string
	Role string
}

KMSAuthOIDC configures settings to authenticate with OIDC

type KMSAuthSpire added in v0.9.0

type KMSAuthSpire struct {
	Sock     string
	Audience string
}

KMSAuthSpire configures settings to get an auth token from spire

type KMSSigner

type KMSSigner struct {
	KMSRef string
	Auth   KMSAuth
}

func (*KMSSigner) DeepCopy added in v0.3.0

func (in *KMSSigner) DeepCopy() *KMSSigner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSSigner.

func (*KMSSigner) DeepCopyInto added in v0.3.0

func (in *KMSSigner) DeepCopyInto(out *KMSSigner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KafkaStorageConfig added in v0.9.0

type KafkaStorageConfig struct {
	BootstrapServers string
}

type OCIStorageConfig

type OCIStorageConfig struct {
	Repository string
	Insecure   bool
}

func (*OCIStorageConfig) DeepCopy added in v0.3.0

func (in *OCIStorageConfig) DeepCopy() *OCIStorageConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIStorageConfig.

func (*OCIStorageConfig) DeepCopyInto added in v0.3.0

func (in *OCIStorageConfig) DeepCopyInto(out *OCIStorageConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PayloadType added in v0.14.0

type PayloadType string

PayloadType specifies the format to store payload in.
- For OCI artifact, Chains only supports `simplesigning` format. https://www.redhat.com/en/blog/container-image-signing
- For Tekton artifacts, Chains supports `tekton` and `in-toto` format. https://slsa.dev/provenance/v0.2

type PubSubStorageConfig added in v0.9.0

type PubSubStorageConfig struct {
	Provider string
	Topic    string
	Kafka    KafkaStorageConfig
}

type SignerConfigs

type SignerConfigs struct {
	X509 X509Signer
	KMS  KMSSigner
}

SignerConfigs contains the configuration to instantiate different signers

func (*SignerConfigs) DeepCopy added in v0.3.0

func (in *SignerConfigs) DeepCopy() *SignerConfigs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SignerConfigs.

func (*SignerConfigs) DeepCopyInto added in v0.3.0

func (in *SignerConfigs) DeepCopyInto(out *SignerConfigs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StorageConfigs

type StorageConfigs struct {
	GCS     GCSStorageConfig
	OCI     OCIStorageConfig
	Tekton  TektonStorageConfig
	DocDB   DocDBStorageConfig
	Grafeas GrafeasConfig
	PubSub  PubSubStorageConfig
}

StorageConfigs contains the configuration to instantiate different storage providers

func (*StorageConfigs) DeepCopy added in v0.3.0

func (in *StorageConfigs) DeepCopy() *StorageConfigs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageConfigs.

func (*StorageConfigs) DeepCopyInto added in v0.3.0

func (in *StorageConfigs) DeepCopyInto(out *StorageConfigs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StorageOpts added in v0.3.0

type StorageOpts struct {
	// FullKey stands for the identifier of an artifact.
	// - For OCI artifact, it is the full representation in the format of `<NAME>@sha256:<DIGEST>`.
	// - For TaskRun/PipelineRun artifact, it is `<GROUP>-<VERSION>-<KIND>-<UID>`
	FullKey string

	// ShortKey is the short version of an artifact identifier. This is useful for annotation based storage
	// because annotation key has limitations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set).
	// - For OCI artifact, it is first 12 chars of the image digest.
	// - For TaskRun/PipelineRun artifact, it is `<KIND>-<UID>`.
	ShortKey string

	// Cert is an OPTIONAL property that contains a PEM-encoded x509 certificate.
	// If present, this certificate MUST embed the public key that can be used to verify the signature.
	// https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md
	Cert string

	// Chain string is an OPTIONAL property that contains a PEM-encoded, DER-formatted, ASN.1 x509 certificate chain.
	// The certificate property MUST be present if this property is present.
	// This chain MAY be used by implementations to verify the certificate property.
	// https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md
	Chain string

	// PayloadFormat is the format to store payload in.
	PayloadFormat PayloadType
}

StorageOpts contains additional information required when storing signatures
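
The field comments above state three invariants for an OCI artifact: the `FullKey` form, the `ShortKey` derivation, and the rule that `Chain` requires `Cert`. The following is an added example, not code from the Chains project, that checks them before a signature is stored. `StorageOpts` here is a local mirror of four fields, `CheckOCIOpts` is a hypothetical helper, the 64-hex-character digest length is an assumption for sha256, and the sample values are constructed.

```go
package main

import (
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"regexp"
)

// StorageOpts mirrors four fields of config.StorageOpts (local copy, not the real type).
type StorageOpts struct {
	FullKey, ShortKey, Cert, Chain string
}

// ociKey matches the documented `<NAME>@sha256:<DIGEST>` form (64 hex chars assumed).
var ociKey = regexp.MustCompile(`^(.+)@sha256:([0-9a-f]{64})$`)

const sampleDigest = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" // constructed

// CheckOCIOpts is a hypothetical pre-storage check of the documented invariants.
func CheckOCIOpts(o StorageOpts) error {
	m := ociKey.FindStringSubmatch(o.FullKey)
	if m == nil {
		return fmt.Errorf("FullKey %q is not <NAME>@sha256:<DIGEST>", o.FullKey)
	}
	if o.ShortKey != m[2][:12] {
		return fmt.Errorf("ShortKey %q is not the first 12 chars of the digest", o.ShortKey)
	}
	if o.Chain != "" && o.Cert == "" {
		return errors.New("Chain is set but Cert is empty")
	}
	if o.Cert == "" {
		return nil // Cert is OPTIONAL
	}
	block, _ := pem.Decode([]byte(o.Cert))
	if block == nil || block.Type != "CERTIFICATE" {
		return errors.New("Cert is not a PEM CERTIFICATE block")
	}
	_, err := x509.ParseCertificate(block.Bytes)
	return err
}

func main() {
	o := StorageOpts{FullKey: "registry.example/app@sha256:" + sampleDigest, ShortKey: sampleDigest[:12]}
	fmt.Println(CheckOCIOpts(o)) // valid: no Cert, no Chain
	o.Chain = "placeholder chain"
	fmt.Println(CheckOCIOpts(o)) // rejected: Chain without Cert
}
```

The check covers structure only; whether the certificate's public key verifies the signature, and whether `Chain` validates `Cert`, is left to the verifier.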

func (*StorageOpts) DeepCopy added in v0.3.0

func (in *StorageOpts) DeepCopy() *StorageOpts

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageOpts.

func (*StorageOpts) DeepCopyInto added in v0.3.0

func (in *StorageOpts) DeepCopyInto(out *StorageOpts)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TektonStorageConfig

type TektonStorageConfig struct {
}

func (*TektonStorageConfig) DeepCopy added in v0.3.0

func (in *TektonStorageConfig) DeepCopy() *TektonStorageConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TektonStorageConfig.

func (*TektonStorageConfig) DeepCopyInto added in v0.3.0

func (in *TektonStorageConfig) DeepCopyInto(out *TektonStorageConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TransparencyConfig added in v0.3.0

type TransparencyConfig struct {
	Enabled          bool
	VerifyAnnotation bool
	URL              string
}

func (*TransparencyConfig) DeepCopy added in v0.3.0

func (in *TransparencyConfig) DeepCopy() *TransparencyConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransparencyConfig.

func (*TransparencyConfig) DeepCopyInto added in v0.3.0

func (in *TransparencyConfig) DeepCopyInto(out *TransparencyConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type X509Signer

type X509Signer struct {
	FulcioEnabled     bool
	FulcioAddr        string
	FulcioOIDCIssuer  string
	FulcioProvider    string
	IdentityTokenFile string
	TUFMirrorURL      string
}

func (*X509Signer) DeepCopy added in v0.3.0

func (in *X509Signer) DeepCopy() *X509Signer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Signer.

func (*X509Signer) DeepCopyInto added in v0.3.0

func (in *X509Signer) DeepCopyInto(out *X509Signer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
