Documentation
¶
Index ¶
- Constants
- Variables
- func Sign(inputDir, imageRef, keyPath, output string, updateAnnotation bool) ([]byte, error)
- type ObjectFieldBinding
- type ObjectFieldBindingList
- type ObjectReference
- type ObjectReferenceList
- type ObjectUserBinding
- type SignerList
- type VerifyOption
- type VerifyResourceResult
- type VerifyResult
Constants ¶
// Annotation keys under the cosign.sigstore.dev/ prefix. Each constant is the
// literal key string; the mask-key lists in this package are built from them.
const (
	ImageRefAnnotationKey = "cosign.sigstore.dev/imageRef"
	// NOTE(review): the value is spelled "siganture", not "signature". The
	// string is the annotation key itself, so correcting the spelling would
	// change which annotation is used and would presumably stop matching
	// manifests annotated under the current key. Confirm whether this is
	// intentional before changing it.
	SignatureAnnotationKey   = "cosign.sigstore.dev/siganture"
	CertificateAnnotationKey = "cosign.sigstore.dev/certificate"
	MessageAnnotationKey     = "cosign.sigstore.dev/message"
	BundleAnnotationKey      = "cosign.sigstore.dev/bundle"
)
Variables ¶
// CommonResourceMaskKeys lists dotted field paths: the five signing
// annotations, followed by a set of metadata fields and "status".
//
// NOTE(review): the name suggests these paths are masked out before a resource
// is compared with its signed manifest (confirm against the caller). If so,
// every entry is a field that may differ without failing verification, and any
// addition to this list widens what is left uncovered by the signature.
var CommonResourceMaskKeys = []string{
	// Signing annotations. The key is wrapped in escaped quotes, presumably
	// because the key itself contains dots.
	fmt.Sprintf("metadata.annotations.\"%s\"", ImageRefAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", SignatureAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", CertificateAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", MessageAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", BundleAnnotationKey),
	"metadata.annotations.namespace",
	// NOTE(review): only part of this annotation key is quoted ("kubectl." sits
	// outside the quotes). Confirm the path parser resolves it to the intended
	// annotation.
	"metadata.annotations.kubectl.\"kubernetes.io/last-applied-configuration\"",
	"metadata.managedFields",
	"metadata.creationTimestamp",
	"metadata.generation",
	// NOTE(review): this path is not quoted at all, unlike the entries above;
	// confirm it is parsed as intended.
	"metadata.annotations.deprecated.daemonset.template.generation",
	"metadata.namespace",
	"metadata.resourceVersion",
	"metadata.selfLink",
	"metadata.uid",
	"status",
}
// EmbeddedAnnotationMaskKeys lists the dotted field paths of the five signing
// annotations only (image reference, signature, certificate, message, bundle).
//
// NOTE(review): presumably used to exclude the signing annotations themselves
// when comparing a manifest with its signed form. Confirm against the caller.
var EmbeddedAnnotationMaskKeys = []string{
	fmt.Sprintf("metadata.annotations.\"%s\"", ImageRefAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", SignatureAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", CertificateAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", MessageAnnotationKey),
	fmt.Sprintf("metadata.annotations.\"%s\"", BundleAnnotationKey),
}
Functions ¶
Types ¶
type ObjectFieldBinding ¶
// ObjectFieldBinding pairs a list of field strings with a list of object
// references. Both fields are omitted from JSON when empty.
//
// NOTE(review): presumably Fields are field paths that apply only to the
// objects matched by Objects. Confirm in Match.
type ObjectFieldBinding struct {
	Fields  []string            `json:"fields,omitempty"`
	Objects ObjectReferenceList `json:"objects,omitempty"`
}
func (ObjectFieldBinding) Match ¶
func (f ObjectFieldBinding) Match(obj unstructured.Unstructured) (bool, []string)
type ObjectFieldBindingList ¶
// ObjectFieldBindingList is a slice of ObjectFieldBinding values; it is the
// type of VerifyOption.IgnoreFields.
type ObjectFieldBindingList []ObjectFieldBinding
func (ObjectFieldBindingList) Match ¶
func (l ObjectFieldBindingList) Match(obj unstructured.Unstructured) (bool, []string)
type ObjectReference ¶
// ObjectReference identifies an object by group, version, kind, name and
// namespace. Every field is optional in JSON (omitempty).
//
// NOTE(review): how Match treats an empty field is not visible here. If empty
// means "match anything", a sparse reference in a skip or ignore list covers
// many objects. Confirm the semantics before relying on partial references.
type ObjectReference struct {
	Group     string `json:"group,omitempty"`
	Version   string `json:"version,omitempty"`
	Kind      string `json:"kind,omitempty"`
	Name      string `json:"name,omitempty"`
	Namespace string `json:"namespace,omitempty"`
}
func ObjectToReference ¶
func ObjectToReference(obj unstructured.Unstructured) ObjectReference
func (ObjectReference) Equal ¶
func (r ObjectReference) Equal(r2 ObjectReference) bool
func (ObjectReference) Match ¶
func (r ObjectReference) Match(obj unstructured.Unstructured) bool
type ObjectReferenceList ¶
// ObjectReferenceList is a slice of ObjectReference values; it is the type of
// VerifyOption.SkipObjects and of the Objects field in the binding types.
type ObjectReferenceList []ObjectReference
func (ObjectReferenceList) Match ¶
func (l ObjectReferenceList) Match(obj unstructured.Unstructured) bool
type ObjectUserBinding ¶
// ObjectUserBinding pairs a list of user strings with a list of object
// references. Both fields are omitted from JSON when empty.
//
// NOTE(review): what a "user" refers to here is not shown in this listing.
// Confirm against the code that consumes this type.
type ObjectUserBinding struct {
	Users   []string            `json:"users,omitempty"`
	Objects ObjectReferenceList `json:"objects,omitempty"`
}
type SignerList ¶
// SignerList is a list of signer strings; it is the type of
// VerifyOption.Signers.
//
// NOTE(review): whether Match compares exactly or by pattern, and what it
// returns for an empty list, is not visible here. Confirm, since that decides
// which signers are accepted.
type SignerList []string
func (SignerList) Match ¶
func (l SignerList) Match(signerName string) bool
type VerifyOption ¶
// VerifyOption is the verification configuration passed to VerifyResource and
// returned by LoadVerifyConfig. All three fields are optional in JSON.
//
// NOTE(review): going by the field names, SkipObjects exempts objects from
// verification, IgnoreFields exempts fields from comparison, and Signers
// restricts accepted signers. Confirm in VerifyResource. Each of these narrows
// what the signature check enforces, so the file read by LoadVerifyConfig
// should be treated as security-sensitive configuration. Also confirm what an
// empty Signers list means (accept any signer, or none).
type VerifyOption struct {
	SkipObjects  ObjectReferenceList    `json:"skipObjects,omitempty"`
	IgnoreFields ObjectFieldBindingList `json:"ignoreFields,omitempty"`
	Signers      SignerList             `json:"signers,omitempty"`
}
func LoadVerifyConfig ¶
func LoadVerifyConfig(fpath string) (*VerifyOption, error)
type VerifyResourceResult ¶
// VerifyResourceResult is the result type returned by VerifyResource.
//
// NOTE(review): presumably InScope is false for objects matched by
// VerifyOption.SkipObjects. Confirm how Verified is set in that case, so that
// callers do not treat a skipped object as a verified one.
type VerifyResourceResult struct {
	// Object is excluded from JSON output by the "-" tag.
	Object   unstructured.Unstructured `json:"-"`
	Verified bool                      `json:"verified"`
	InScope  bool                      `json:"inScope"`
	Signer   string                    `json:"signer"`
	// Diff is a pointer and may be nil; it is then encoded as JSON null.
	Diff *mapnode.DiffResult `json:"diff"`
}
func VerifyResource ¶
func VerifyResource(obj unstructured.Unstructured, imageRef, keyPath string, vo *VerifyOption) (*VerifyResourceResult, error)
func (*VerifyResourceResult) String ¶
func (r *VerifyResourceResult) String() string
type VerifyResult ¶
// VerifyResult carries a verification outcome: a verified flag, a signer
// string and an optional diff. All three fields are always present in JSON.
//
// NOTE(review): the function that produces this type is not shown in this
// listing. Confirm whether Signer is populated when Verified is false.
type VerifyResult struct {
	Verified bool   `json:"verified"`
	Signer   string `json:"signer"`
	// Diff is a pointer and may be nil; it is then encoded as JSON null.
	Diff *mapnode.DiffResult `json:"diff"`
}
func (*VerifyResult) String ¶
func (r *VerifyResult) String() string