chains

package
v0.22.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 20, 2025 License: Apache-2.0 Imports: 32 Imported by: 2

Documentation

Index

Constants

// Annotation keys under chains.tekton.dev and the retry limit used with them.
//
// RetryAnnotation ("chains.tekton.dev/retries") and MaxRetries (3) presumably
// back AddRetry, HandleRetry and RetryAvailable: a retry count kept on the
// object and the cap it is compared against — confirm in those functions.
// ChainsTransparencyAnnotation ("chains.tekton.dev/transparency") presumably
// records the transparency-log entry for a signed object — TODO confirm.
const (
	// ChainsAnnotation is the standard annotation to indicate a TR (TaskRun) has been signed.
	// NOTE(review): annotations are mutable object metadata, so any principal
	// allowed to update or patch the object can write this key unless admission
	// control restricts it. Treat it as a processing marker; for a trust
	// decision, verify the stored signature/attestation itself.
	ChainsAnnotation             = "chains.tekton.dev/signed"
	RetryAnnotation              = "chains.tekton.dev/retries"
	ChainsTransparencyAnnotation = "chains.tekton.dev/transparency"
	MaxRetries                   = 3
)
// Metric identifiers for the signing pipeline.
//
// The four *Count constants are short string keys ("sgcount", "stcount",
// "plcount", "mrcount"); presumably they are the MetricType values passed to
// MetricsRecorder.RecordCountMetrics — confirm against the recorder
// implementations. The *Name/*Desc pairs are the metric name and description
// for each counter, one set for PipelineRuns and one for TaskRuns, covering
// four stages: signed, payload uploaded, payload stored, marked as signed.
//
// NOTE(review): PayloadUploadeCount looks like a misspelling of
// "PayloadUploadedCount". It is exported, so renaming it would break
// importers; keep the name or add a correctly spelled alias.
// NOTE(review): these counters look useful for detection: a sustained gap
// between signed and stored/marked totals would suggest runs whose
// signatures or payloads never reached a backend — confirm what each counter
// counts before alerting on it.
const (
	SignedMessagesCount     = "sgcount"
	SignsStoredCount        = "stcount"
	PayloadUploadeCount     = "plcount"
	MarkedAsSignedCount     = "mrcount"
	PipelineRunSignedName   = "pipelinerun_sign_created_total"
	PipelineRunSignedDesc   = "Total number of signed messages for pipelineruns"
	PipelineRunUploadedName = "pipelinerun_payload_uploaded_total"
	PipelineRunUploadedDesc = "Total number of uploaded payloads for pipelineruns"
	PipelineRunStoredName   = "pipelinerun_payload_stored_total"
	PipelineRunStoredDesc   = "Total number of stored payloads for pipelineruns"
	PipelineRunMarkedName   = "pipelinerun_marked_signed_total"
	PipelineRunMarkedDesc   = "Total number of objects marked as signed for pipelineruns"
	TaskRunSignedName       = "taskrun_sign_created_total"
	TaskRunSignedDesc       = "Total number of signed messages for taskruns"
	TaskRunUploadedName     = "taskrun_payload_uploaded_total"
	TaskRunUploadedDesc     = "Total number of uploaded payloads for taskruns"
	TaskRunStoredName       = "taskrun_payload_stored_total"
	TaskRunStoredDesc       = "Total number of stored payloads for taskruns"
	TaskRunMarkedName       = "taskrun_marked_signed_total"
	TaskRunMarkedDesc       = "Total number of objects marked as signed for taskruns"
)
const (
	// RekorAnnotation is the annotation key "chains.tekton.dev/transparency-upload".
	// NOTE(review): presumably read from the object to decide whether its
	// signature is uploaded to the Rekor transparency log — confirm where it is
	// consumed. If so, it is an input set by whoever can annotate the object,
	// so check who is allowed to opt a run in or out of transparency logging.
	RekorAnnotation = "chains.tekton.dev/transparency-upload"
)

Variables

This section is empty.

Functions

func AddAnnotation added in v0.4.0

func AddAnnotation(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, key, value string, annotations map[string]string) error

func AddRetry added in v0.4.0

func AddRetry(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func HandleRetry added in v0.4.0

func HandleRetry(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func MarkFailed added in v0.4.0

func MarkFailed(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

func MarkSigned

func MarkSigned(ctx context.Context, obj objects.TektonObject, ps versioned.Interface, annotations map[string]string) error

MarkSigned marks a Tekton object as signed.

func Reconciled added in v0.4.0

func Reconciled(ctx context.Context, client versioned.Interface, obj objects.TektonObject) bool

Reconciled determines whether a Tekton object has already been reconciled. It first inspects the state of the given TektonObject. If that indicates it has not been reconciled, then Reconciled fetches the latest version of the TektonObject from the cluster and inspects that version as well. This aims to avoid creating multiple attestations due to a stale cached TektonObject.

func RetryAvailable added in v0.4.0

func RetryAvailable(obj objects.TektonObject) bool

Types

type MetricsRecorder added in v0.20.0

// MetricsRecorder is the interface ObjectSigner uses (via its Recorder field)
// to record count metrics.
type MetricsRecorder interface {
	// RecordCountMetrics records a count metric identified by MetricType.
	// NOTE(review): MetricType is presumably one of the *Count constants of
	// this package ("sgcount", "stcount", "plcount", "mrcount") — confirm.
	RecordCountMetrics(ctx context.Context, MetricType string)
}

type ObjectSigner added in v0.13.0

// ObjectSigner bundles what the Sign method declared on *ObjectSigner works
// with: the storage backends, a secret path, a Tekton pipeline clientset and a
// metrics recorder.
//
// NOTE(review): SecretPath is presumably the filesystem location of the
// signing key material — confirm. If so, it should be readable only by the
// controller process, and its value should not be written to logs or metrics.
// NOTE(review): Pipelineclientset is presumably the client used to write
// annotations back to the signed object — confirm; its credentials need no
// more than the permissions those updates require.
type ObjectSigner struct {
	// Backends store the payload and the signature.
	// The keys are the names of the storage options: {docdb, gcs, grafeas, oci, tekton}.
	// The values are the actual storage backends that will be used to store and retrieve provenance.
	Backends          map[string]storage.Backend
	SecretPath        string
	Pipelineclientset versioned.Interface
	// Recorder is the metrics recorder configuration.
	Recorder MetricsRecorder
}

func (*ObjectSigner) Sign added in v0.13.0

func (o *ObjectSigner) Sign(ctx context.Context, tektonObj objects.TektonObject) error

Sign signs TaskRun and PipelineRun objects and generates attestations for each. It follows the process of extracting the payload, signing the payload, and storing the payload and signature.

type Signer

// Signer is the interface for anything that can sign a Tekton object.
// The Sign method declared on *ObjectSigner has this same signature.
type Signer interface {
	// Sign signs obj and returns an error if it could not do so.
	Sign(ctx context.Context, obj objects.TektonObject) error
}

type TaskRunVerifier added in v0.6.0

// TaskRunVerifier holds a Kubernetes client, a Tekton pipeline clientset and a
// secret path; the VerifyTaskRun method is declared on *TaskRunVerifier.
//
// NOTE(review): what VerifyTaskRun actually checks is not documented here.
// Before relying on it as a gate, confirm that it validates the stored
// signature against key material and does not merely read the
// "chains.tekton.dev/signed" annotation, which is mutable object metadata.
// NOTE(review): SecretPath presumably points at the key material used for
// verification — confirm, and restrict read access to it accordingly.
type TaskRunVerifier struct {
	KubeClient        kubernetes.Interface
	Pipelineclientset versioned.Interface
	SecretPath        string
}

func (*TaskRunVerifier) VerifyTaskRun added in v0.6.0

func (tv *TaskRunVerifier) VerifyTaskRun(ctx context.Context, tr *v1.TaskRun) error

type Verifier added in v0.6.0

// Verifier is the interface for verifying a TaskRun.
// The VerifyTaskRun method declared on *TaskRunVerifier has this same signature.
type Verifier interface {
	// VerifyTaskRun verifies tr and returns a non-nil error on failure.
	// NOTE(review): callers should treat any non-nil error as "not verified"
	// and fail closed — confirm no error path is meant to be ignored.
	VerifyTaskRun(ctx context.Context, tr *v1.TaskRun) error
}
