Documentation ¶
Index ¶
- Constants
- type DefaultPromoterImplementation
- func (di *DefaultPromoterImplementation) ActivateServiceAccounts(opts *options.Options) error
- func (di *DefaultPromoterImplementation) AppendManifestToSnapshot(opts *options.Options, mfests []schema.Manifest) ([]schema.Manifest, error)
- func (di *DefaultPromoterImplementation) CheckSignatureLayers(opts *options.Options, oList []string) (existing, missing []string, err error)
- func (di *DefaultPromoterImplementation) FixMissingSignatures(opts *options.Options, results checkresults.Signature) error
- func (di *DefaultPromoterImplementation) FixPartialSignatures(opts *options.Options, results checkresults.Signature) error
- func (di *DefaultPromoterImplementation) GetIdentityToken(opts *options.Options, serviceAccount string) (tok string, err error)
- func (di *DefaultPromoterImplementation) GetLatestImages(opts *options.Options) ([]string, error)
- func (di *DefaultPromoterImplementation) GetPromotionEdges(sc *reg.SyncContext, mfests []schema.Manifest) (promotionEdges map[reg.PromotionEdge]interface{}, err error)
- func (di *DefaultPromoterImplementation) GetRegistryImageInventory(opts *options.Options, mfests []schema.Manifest) (registry.RegInvImage, error)
- func (di *DefaultPromoterImplementation) GetSignatureStatus(opts *options.Options, images []string) (checkresults.Signature, error)
- func (di *DefaultPromoterImplementation) GetSnapshotManifests(opts *options.Options) ([]schema.Manifest, error)
- func (di *DefaultPromoterImplementation) GetSnapshotSourceRegistry(opts *options.Options) (*registry.Context, error)
- func (di DefaultPromoterImplementation) MakeSyncContext(opts *options.Options, mfests []schema.Manifest) (*reg.SyncContext, error)
- func (di *DefaultPromoterImplementation) ParseManifests(opts *options.Options) (mfests []schema.Manifest, err error)
- func (di *DefaultPromoterImplementation) PrecheckAndExit(opts *options.Options, mfests []schema.Manifest) error
- func (di *DefaultPromoterImplementation) PrewarmTUFCache() error
- func (di *DefaultPromoterImplementation) PrintSecDisclaimer()
- func (di *DefaultPromoterImplementation) PrintSection(message string, confirm bool)
- func (di *DefaultPromoterImplementation) PrintVersion()
- func (di *DefaultPromoterImplementation) PromoteImages(sc *reg.SyncContext, promotionEdges map[reg.PromotionEdge]interface{}) error
- func (di *DefaultPromoterImplementation) ScanEdges(opts *options.Options, sc *reg.SyncContext, ...) error
- func (di *DefaultPromoterImplementation) SignImages(opts *options.Options, _ *reg.SyncContext, ...) error
- func (di *DefaultPromoterImplementation) Snapshot(opts *options.Options, rii registry.RegInvImage) error
- func (di *DefaultPromoterImplementation) ValidateOptions(opts *options.Options) error
- func (di *DefaultPromoterImplementation) ValidateStagingSignatures(edges map[reg.PromotionEdge]interface{}) (map[reg.PromotionEdge]interface{}, error)
- func (di *DefaultPromoterImplementation) WriteSBOMs(_ *options.Options, _ *reg.SyncContext, _ map[reg.PromotionEdge]interface{}) error
- type StreamProducerFunc
Constants ¶
const (
TestSigningAccount = "k8s-infra-promoter-test-signer@k8s-cip-test-prod.iam.gserviceaccount.com"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DefaultPromoterImplementation ¶
type DefaultPromoterImplementation struct {
// contains filtered or unexported fields
}
func NewDefaultPromoterImplementation ¶ added in v3.4.7
func NewDefaultPromoterImplementation() *DefaultPromoterImplementation
NewDefaultPromoterImplementation creates a new DefaultPromoterImplementation instance.
func (*DefaultPromoterImplementation) ActivateServiceAccounts ¶
func (di *DefaultPromoterImplementation) ActivateServiceAccounts(opts *options.Options) error
ActivateServiceAccounts gets key files and activates service accounts
func (*DefaultPromoterImplementation) AppendManifestToSnapshot ¶
func (di *DefaultPromoterImplementation) AppendManifestToSnapshot( opts *options.Options, mfests []schema.Manifest, ) ([]schema.Manifest, error)
AppendManifestToSnapshot checks if a manifest was specified in the options passed to the promoter. If one is found, we parse it and append it to the list of manifests generated for the snapshot during GetSnapshotManifests()
func (*DefaultPromoterImplementation) CheckSignatureLayers ¶ added in v3.5.0
func (di *DefaultPromoterImplementation) CheckSignatureLayers(opts *options.Options, oList []string) (existing, missing []string, err error)
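CheckSignatureLayers checks a list of signature layers (the sentence is cut off in the source documentation). Judging by the named results, it reports which layers exist and which are missing.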
func (*DefaultPromoterImplementation) FixMissingSignatures ¶ added in v3.5.0
func (di *DefaultPromoterImplementation) FixMissingSignatures(opts *options.Options, results checkresults.Signature) error
FixMissingSignatures signs an image that has no signatures at all
func (*DefaultPromoterImplementation) FixPartialSignatures ¶ added in v3.5.0
func (di *DefaultPromoterImplementation) FixPartialSignatures(opts *options.Options, results checkresults.Signature) error
FixPartialSignatures fixes images that have some signatures but whose signatures are missing from some mirrors.
func (*DefaultPromoterImplementation) GetIdentityToken ¶
func (di *DefaultPromoterImplementation) GetIdentityToken( opts *options.Options, serviceAccount string, ) (tok string, err error)
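GetIdentityToken returns an identity token for the selected service account. For this function to work, an account has to be already logged in. This can be achieved using the … (the sentence is cut off in the source documentation). The returned token is a bearer credential; treat it as a secret.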
func (*DefaultPromoterImplementation) GetLatestImages ¶ added in v3.5.0
func (di *DefaultPromoterImplementation) GetLatestImages(opts *options.Options) ([]string, error)
func (*DefaultPromoterImplementation) GetPromotionEdges ¶
func (di *DefaultPromoterImplementation) GetPromotionEdges( sc *reg.SyncContext, mfests []schema.Manifest, ) (promotionEdges map[reg.PromotionEdge]interface{}, err error)
GetPromotionEdges checks the manifests and determines from them the promotion edges, i.e., the images that need to be promoted.
func (*DefaultPromoterImplementation) GetRegistryImageInventory ¶
func (di *DefaultPromoterImplementation) GetRegistryImageInventory( opts *options.Options, mfests []schema.Manifest, ) (registry.RegInvImage, error)
func (*DefaultPromoterImplementation) GetSignatureStatus ¶ added in v3.5.0
func (di *DefaultPromoterImplementation) GetSignatureStatus( opts *options.Options, images []string, ) (checkresults.Signature, error)
func (*DefaultPromoterImplementation) GetSnapshotManifests ¶
func (di *DefaultPromoterImplementation) GetSnapshotManifests( opts *options.Options, ) ([]schema.Manifest, error)
GetSnapshotManifests creates the manifest list from the specified snapshot source.
func (*DefaultPromoterImplementation) GetSnapshotSourceRegistry ¶
func (DefaultPromoterImplementation) MakeSyncContext ¶
func (di DefaultPromoterImplementation) MakeSyncContext( opts *options.Options, mfests []schema.Manifest, ) (*reg.SyncContext, error)
MakeSyncContext takes a slice of manifests and creates a sync context object based on them and the promoter options
func (*DefaultPromoterImplementation) ParseManifests ¶
func (di *DefaultPromoterImplementation) ParseManifests(opts *options.Options) (mfests []schema.Manifest, err error)
ParseManifests reads the manifest file or manifest directory and parses them to return a slice of Manifest objects.
func (*DefaultPromoterImplementation) PrecheckAndExit ¶
func (di *DefaultPromoterImplementation) PrecheckAndExit( opts *options.Options, mfests []schema.Manifest, ) error
PrecheckAndExit runs simple prechecks to exit before promotions or security scans.
func (*DefaultPromoterImplementation) PrewarmTUFCache ¶ added in v3.4.3
func (di *DefaultPromoterImplementation) PrewarmTUFCache() error
PrewarmTUFCache initializes the TUF cache so that threads do not have to compete against each other creating the TUF database.
func (*DefaultPromoterImplementation) PrintSecDisclaimer ¶
func (di *DefaultPromoterImplementation) PrintSecDisclaimer()
PrintSecDisclaimer prints a disclaimer about false positives that may be found in container image layers.
func (*DefaultPromoterImplementation) PrintSection ¶
func (di *DefaultPromoterImplementation) PrintSection(message string, confirm bool)
PrintSection handles the start/finish labels in the former legacy cli/run code.
func (*DefaultPromoterImplementation) PrintVersion ¶
func (di *DefaultPromoterImplementation) PrintVersion()
func (*DefaultPromoterImplementation) PromoteImages ¶
func (di *DefaultPromoterImplementation) PromoteImages( sc *reg.SyncContext, promotionEdges map[reg.PromotionEdge]interface{}, ) error
PromoteImages starts an image promotion of a set of edges
func (*DefaultPromoterImplementation) ScanEdges ¶
func (di *DefaultPromoterImplementation) ScanEdges( opts *options.Options, sc *reg.SyncContext, promotionEdges map[reg.PromotionEdge]interface{}, ) error
ScanEdges runs the vulnerability scans on the new images detected by the promoter.
func (*DefaultPromoterImplementation) SignImages ¶
func (di *DefaultPromoterImplementation) SignImages( opts *options.Options, _ *reg.SyncContext, edges map[reg.PromotionEdge]interface{}, ) error
SignImages signs the promoted images and stores their signatures in the registry
func (*DefaultPromoterImplementation) Snapshot ¶
func (di *DefaultPromoterImplementation) Snapshot(opts *options.Options, rii registry.RegInvImage) error
Snapshot runs a snapshot.
func (*DefaultPromoterImplementation) ValidateOptions ¶
func (di *DefaultPromoterImplementation) ValidateOptions(opts *options.Options) error
ValidateOptions checks an options set
func (*DefaultPromoterImplementation) ValidateStagingSignatures ¶
func (di *DefaultPromoterImplementation) ValidateStagingSignatures( edges map[reg.PromotionEdge]interface{}, ) (map[reg.PromotionEdge]interface{}, error)
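ValidateStagingSignatures checks whether the edges (images) had a signature applied during their staging run. If they did, it verifies the signatures and returns an error if they are not valid. As described, edges without a staging signature are not verified; this documentation does not say whether they are rejected or passed through in the returned map.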
func (*DefaultPromoterImplementation) WriteSBOMs ¶
func (di *DefaultPromoterImplementation) WriteSBOMs( _ *options.Options, _ *reg.SyncContext, _ map[reg.PromotionEdge]interface{}, ) error
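WriteSBOMs writes SBOMs to each of the newly promoted images and stores them alongside the signatures in the registry. Note that every parameter is the blank identifier in the signature, so the implementation cannot read its arguments; confirm in the source whether SBOMs are actually written before relying on them.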
type StreamProducerFunc ¶
type StreamProducerFunc func( srcRegistry image.Registry, srcImageName image.Name, destRC registry.Context, imageName image.Name, digest image.Digest, tag image.Tag, tp reg.TagOp, ) stream.Producer
StreamProducerFunc is a function that gets the required fields to construct a promotion stream producer.