v1

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 16, 2025 License: Apache-2.0 Imports: 16 Imported by: 29

Documentation

Index

Constants

View Source 
const (
	SigstoreModeExact  string = "exact"
	SigstoreModeRegexp string = "regexp"
)
View Source 
const (
	StatusFAIL     = "FAIL"
	StatusPASS     = "PASS"
	StatusSOFTFAIL = "SOFTFAIL"
)

Variables

View Source 
var File_v1_policy_proto protoreflect.FileDescriptor
View Source 
var File_v1_result_proto protoreflect.FileDescriptor
View Source 
var File_v1_verification_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Assessment 

type Assessment struct {
	Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
	// contains filtered or unexported fields
}

func (*Assessment) Descriptor deprecated 

func (*Assessment) Descriptor() ([]byte, []int)

Deprecated: Use Assessment.ProtoReflect.Descriptor instead.

func (*Assessment) GetMessage 

func (x *Assessment) GetMessage() string

func (*Assessment) ProtoMessage 

func (*Assessment) ProtoMessage()

func (*Assessment) ProtoReflect 

func (x *Assessment) ProtoReflect() protoreflect.Message

func (*Assessment) Reset 

func (x *Assessment) Reset()

func (*Assessment) String 

func (x *Assessment) String() string
type ChainLink struct {

	// Types that are valid to be assigned to Source:
	//
	//	*ChainLink_Predicate
	Source isChainLink_Source `protobuf_oneof:"source"`
	// contains filtered or unexported fields
}

func (*ChainLink) Descriptor deprecated 

func (*ChainLink) Descriptor() ([]byte, []int)

Deprecated: Use ChainLink.ProtoReflect.Descriptor instead.

func (*ChainLink) GetPredicate 

func (x *ChainLink) GetPredicate() *ChainedPredicate

func (*ChainLink) GetSource 

func (x *ChainLink) GetSource() isChainLink_Source

func (*ChainLink) ProtoMessage 

func (*ChainLink) ProtoMessage()

func (*ChainLink) ProtoReflect 

func (x *ChainLink) ProtoReflect() protoreflect.Message

func (*ChainLink) Reset 

func (x *ChainLink) Reset()

func (*ChainLink) String 

func (x *ChainLink) String() string
type ChainLink_Predicate struct {
	Predicate *ChainedPredicate `protobuf:"bytes,1,opt,name=predicate,proto3,oneof"` // ChainedOutput output = 2;
}

type ChainedOutput 

type ChainedOutput struct {
	Policy string `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
	Tenet  string `protobuf:"bytes,2,opt,name=tenet,proto3" json:"tenet,omitempty"`
	// contains filtered or unexported fields
}

func (*ChainedOutput) Descriptor deprecated 

func (*ChainedOutput) Descriptor() ([]byte, []int)

Deprecated: Use ChainedOutput.ProtoReflect.Descriptor instead.

func (*ChainedOutput) GetPolicy 

func (x *ChainedOutput) GetPolicy() string

func (*ChainedOutput) GetTenet 

func (x *ChainedOutput) GetTenet() string

func (*ChainedOutput) ProtoMessage 

func (*ChainedOutput) ProtoMessage()

func (*ChainedOutput) ProtoReflect 

func (x *ChainedOutput) ProtoReflect() protoreflect.Message

func (*ChainedOutput) Reset 

func (x *ChainedOutput) Reset()

func (*ChainedOutput) String 

func (x *ChainedOutput) String() string

type ChainedPredicate 

type ChainedPredicate struct {
	Type       string      `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	Selector   string      `protobuf:"bytes,2,opt,name=selector,proto3" json:"selector,omitempty"`
	Runtime    string      `protobuf:"bytes,3,opt,name=runtime,proto3" json:"runtime,omitempty"`
	Identities []*Identity `protobuf:"bytes,5,rep,name=identities,proto3" json:"identities,omitempty"`
	// contains filtered or unexported fields
}

func (*ChainedPredicate) Descriptor deprecated 

func (*ChainedPredicate) Descriptor() ([]byte, []int)

Deprecated: Use ChainedPredicate.ProtoReflect.Descriptor instead.

func (*ChainedPredicate) GetIdentities 

func (x *ChainedPredicate) GetIdentities() []*Identity

func (*ChainedPredicate) GetRuntime 

func (x *ChainedPredicate) GetRuntime() string

func (*ChainedPredicate) GetSelector 

func (x *ChainedPredicate) GetSelector() string

func (*ChainedPredicate) GetType 

func (x *ChainedPredicate) GetType() string

func (*ChainedPredicate) ProtoMessage 

func (*ChainedPredicate) ProtoMessage()

func (*ChainedPredicate) ProtoReflect 

func (x *ChainedPredicate) ProtoReflect() protoreflect.Message

func (*ChainedPredicate) Reset 

func (x *ChainedPredicate) Reset()

func (*ChainedPredicate) String 

func (x *ChainedPredicate) String() string

type ChainedSubject 

type ChainedSubject struct {
	Source      *v1.ResourceDescriptor `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	Destination *v1.ResourceDescriptor `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"`
	Link        *ChainedSubjectLink    `protobuf:"bytes,3,opt,name=link,proto3" json:"link,omitempty"`
	// contains filtered or unexported fields
}

func (*ChainedSubject) Descriptor deprecated 

func (*ChainedSubject) Descriptor() ([]byte, []int)

Deprecated: Use ChainedSubject.ProtoReflect.Descriptor instead.

func (*ChainedSubject) GetDestination 

func (x *ChainedSubject) GetDestination() *v1.ResourceDescriptor
func (x *ChainedSubject) GetLink() *ChainedSubjectLink

func (*ChainedSubject) GetSource 

func (x *ChainedSubject) GetSource() *v1.ResourceDescriptor

func (*ChainedSubject) ProtoMessage 

func (*ChainedSubject) ProtoMessage()

func (*ChainedSubject) ProtoReflect 

func (x *ChainedSubject) ProtoReflect() protoreflect.Message

func (*ChainedSubject) Reset 

func (x *ChainedSubject) Reset()

func (*ChainedSubject) String 

func (x *ChainedSubject) String() string
type ChainedSubjectLink struct {
	Type        string                 `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	Attestation *v1.ResourceDescriptor `protobuf:"bytes,2,opt,name=attestation,proto3" json:"attestation,omitempty"`
	// contains filtered or unexported fields
}

func (*ChainedSubjectLink) Descriptor deprecated 

func (*ChainedSubjectLink) Descriptor() ([]byte, []int)

Deprecated: Use ChainedSubjectLink.ProtoReflect.Descriptor instead.

func (*ChainedSubjectLink) GetAttestation 

func (x *ChainedSubjectLink) GetAttestation() *v1.ResourceDescriptor

func (*ChainedSubjectLink) GetType 

func (x *ChainedSubjectLink) GetType() string

func (*ChainedSubjectLink) ProtoMessage 

func (*ChainedSubjectLink) ProtoMessage()

func (*ChainedSubjectLink) ProtoReflect 

func (x *ChainedSubjectLink) ProtoReflect() protoreflect.Message

func (*ChainedSubjectLink) Reset 

func (x *ChainedSubjectLink) Reset()

func (*ChainedSubjectLink) String 

func (x *ChainedSubjectLink) String() string

type ContextVal 

type ContextVal struct {
	Type     string          `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	Required *bool           `protobuf:"varint,2,opt,name=required,proto3,oneof" json:"required,omitempty"`
	Value    *structpb.Value `protobuf:"bytes,3,opt,name=value,proto3,oneof" json:"value,omitempty"`
	Default  *structpb.Value `protobuf:"bytes,4,opt,name=default,proto3,oneof" json:"default,omitempty"`
	// contains filtered or unexported fields
}

func (*ContextVal) Descriptor deprecated 

func (*ContextVal) Descriptor() ([]byte, []int)

Deprecated: Use ContextVal.ProtoReflect.Descriptor instead.

func (*ContextVal) GetDefault 

func (x *ContextVal) GetDefault() *structpb.Value

func (*ContextVal) GetRequired 

func (x *ContextVal) GetRequired() bool

func (*ContextVal) GetType 

func (x *ContextVal) GetType() string

func (*ContextVal) GetValue 

func (x *ContextVal) GetValue() *structpb.Value

func (*ContextVal) Merge 

func (cv *ContextVal) Merge(cv2 *ContextVal)

Merge merges the values set in cv2 into cv. If values are not set nothing is replaced

func (*ContextVal) ProtoMessage 

func (*ContextVal) ProtoMessage()

func (*ContextVal) ProtoReflect 

func (x *ContextVal) ProtoReflect() protoreflect.Message

func (*ContextVal) Reset 

func (x *ContextVal) Reset()

func (*ContextVal) String 

func (x *ContextVal) String() string

type Control 

type Control struct {
	Id        string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Class     string `protobuf:"bytes,2,opt,name=class,proto3" json:"class,omitempty"`
	Framework string `protobuf:"bytes,3,opt,name=framework,proto3" json:"framework,omitempty"`
	Title     string `protobuf:"bytes,4,opt,name=title,proto3" json:"title,omitempty"`
	// contains filtered or unexported fields
}

Control is a mapping tying the policy to an framework control

func (*Control) Descriptor deprecated 

func (*Control) Descriptor() ([]byte, []int)

Deprecated: Use Control.ProtoReflect.Descriptor instead.

func (*Control) GetClass 

func (x *Control) GetClass() string

func (*Control) GetFramework 

func (x *Control) GetFramework() string

func (*Control) GetId 

func (x *Control) GetId() string

func (*Control) GetTitle 

func (x *Control) GetTitle() string

func (*Control) ProtoMessage 

func (*Control) ProtoMessage()

func (*Control) ProtoReflect 

func (x *Control) ProtoReflect() protoreflect.Message

func (*Control) Reset 

func (x *Control) Reset()

func (*Control) String 

func (x *Control) String() string

type Error 

type Error struct {
	Message  string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
	Guidance string `protobuf:"bytes,2,opt,name=guidance,proto3" json:"guidance,omitempty"`
	// contains filtered or unexported fields
}

func (*Error) Descriptor deprecated 

func (*Error) Descriptor() ([]byte, []int)

Deprecated: Use Error.ProtoReflect.Descriptor instead.

func (*Error) GetGuidance 

func (x *Error) GetGuidance() string

func (*Error) GetMessage 

func (x *Error) GetMessage() string

func (*Error) ProtoMessage 

func (*Error) ProtoMessage()

func (*Error) ProtoReflect 

func (x *Error) ProtoReflect() protoreflect.Message

func (*Error) Reset 

func (x *Error) Reset()

func (*Error) String 

func (x *Error) String() string

type EvalResult 

type EvalResult struct {
	Id         string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Status     string                 `protobuf:"bytes,2,opt,name=status,proto3" json:"status,omitempty"`
	Date       *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=date,proto3" json:"date,omitempty"`
	Output     *structpb.Struct       `protobuf:"bytes,4,opt,name=output,proto3" json:"output,omitempty"`
	Statements []*StatementRef        `protobuf:"bytes,5,rep,name=statements,proto3" json:"statements,omitempty"`
	Error      *Error                 `protobuf:"bytes,6,opt,name=error,proto3" json:"error,omitempty"`
	Assessment *Assessment            `protobuf:"bytes,7,opt,name=assessment,proto3" json:"assessment,omitempty"`
	// contains filtered or unexported fields
}

func (*EvalResult) Descriptor deprecated 

func (*EvalResult) Descriptor() ([]byte, []int)

Deprecated: Use EvalResult.ProtoReflect.Descriptor instead.

func (*EvalResult) GetAssessment 

func (x *EvalResult) GetAssessment() *Assessment

func (*EvalResult) GetDate 

func (x *EvalResult) GetDate() *timestamppb.Timestamp

func (*EvalResult) GetError 

func (x *EvalResult) GetError() *Error

func (*EvalResult) GetId 

func (x *EvalResult) GetId() string

func (*EvalResult) GetOutput 

func (x *EvalResult) GetOutput() *structpb.Struct

func (*EvalResult) GetStatements 

func (x *EvalResult) GetStatements() []*StatementRef

func (*EvalResult) GetStatus 

func (x *EvalResult) GetStatus() string

func (*EvalResult) MarshalJSON 

func (er *EvalResult) MarshalJSON() ([]byte, error)

func (*EvalResult) ProtoMessage 

func (*EvalResult) ProtoMessage()

func (*EvalResult) ProtoReflect 

func (x *EvalResult) ProtoReflect() protoreflect.Message

func (*EvalResult) Reset 

func (x *EvalResult) Reset()

func (*EvalResult) String 

func (x *EvalResult) String() string

type FrameworkRef 

type FrameworkRef struct {
	Id         string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`                 // String identifier for the framework
	Name       string                 `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`             // Security framework name
	Definition *v1.ResourceDescriptor `protobuf:"bytes,3,opt,name=definition,proto3" json:"definition,omitempty"` // Link to the framework definition
	// contains filtered or unexported fields
}

FrameworkRef is a reference to a security framework. The reference binds the controls tested by each the policy to the the framework definition.

func (*FrameworkRef) Descriptor deprecated 

func (*FrameworkRef) Descriptor() ([]byte, []int)

Deprecated: Use FrameworkRef.ProtoReflect.Descriptor instead.

func (*FrameworkRef) GetDefinition 

func (x *FrameworkRef) GetDefinition() *v1.ResourceDescriptor

func (*FrameworkRef) GetId 

func (x *FrameworkRef) GetId() string

func (*FrameworkRef) GetName 

func (x *FrameworkRef) GetName() string

func (*FrameworkRef) ProtoMessage 

func (*FrameworkRef) ProtoMessage()

func (*FrameworkRef) ProtoReflect 

func (x *FrameworkRef) ProtoReflect() protoreflect.Message

func (*FrameworkRef) Reset 

func (x *FrameworkRef) Reset()

func (*FrameworkRef) String 

func (x *FrameworkRef) String() string

type Identity 

type Identity struct {
	Id       string            `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Sigstore *IdentitySigstore `protobuf:"bytes,2,opt,name=sigstore,proto3,oneof" json:"sigstore,omitempty"`
	Key      *IdentityKey      `protobuf:"bytes,3,opt,name=key,proto3,oneof" json:"key,omitempty"`
	Ref      *IdentityRef      `protobuf:"bytes,4,opt,name=ref,proto3,oneof" json:"ref,omitempty"`
	// contains filtered or unexported fields
}

func NewIdentityFromSlug 

func NewIdentityFromSlug(slug string) (*Identity, error)

NewIdentityFromSlug returns a new identity by parsing a slug string.

There are three kinds of identities supported: sigstore, key and reference.

func (*Identity) Descriptor deprecated 

func (*Identity) Descriptor() ([]byte, []int)

Deprecated: Use Identity.ProtoReflect.Descriptor instead.

func (*Identity) GetId 

func (x *Identity) GetId() string

func (*Identity) GetKey 

func (x *Identity) GetKey() *IdentityKey

func (*Identity) GetRef 

func (x *Identity) GetRef() *IdentityRef

func (*Identity) GetSigstore 

func (x *Identity) GetSigstore() *IdentitySigstore

func (*Identity) ProtoMessage 

func (*Identity) ProtoMessage()

func (*Identity) ProtoReflect 

func (x *Identity) ProtoReflect() protoreflect.Message

func (*Identity) Reset 

func (x *Identity) Reset()

func (*Identity) Slug 

func (i *Identity) Slug() string

Slug returns a string representing the identity

func (*Identity) String 

func (x *Identity) String() string

func (*Identity) Validate 

func (i *Identity) Validate() error

Validate checks the integrity of the identity and returns an error if fields are missing or invalid

type IdentityKey 

type IdentityKey struct {
	Id   string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`     // Key ID
	Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` // Identity type
	Data string `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` // Public key data
	// contains filtered or unexported fields
}

IdentityKey registers the data of s key used to sign the attestations

func (*IdentityKey) Descriptor deprecated 

func (*IdentityKey) Descriptor() ([]byte, []int)

Deprecated: Use IdentityKey.ProtoReflect.Descriptor instead.

func (*IdentityKey) GetData 

func (x *IdentityKey) GetData() string

func (*IdentityKey) GetId 

func (x *IdentityKey) GetId() string

func (*IdentityKey) GetType 

func (x *IdentityKey) GetType() string

func (*IdentityKey) ProtoMessage 

func (*IdentityKey) ProtoMessage()

func (*IdentityKey) ProtoReflect 

func (x *IdentityKey) ProtoReflect() protoreflect.Message

func (*IdentityKey) Reset 

func (x *IdentityKey) Reset()

func (*IdentityKey) String 

func (x *IdentityKey) String() string

type IdentityRef 

type IdentityRef struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

IdentityRef represents an external identity

func (*IdentityRef) Descriptor deprecated 

func (*IdentityRef) Descriptor() ([]byte, []int)

Deprecated: Use IdentityRef.ProtoReflect.Descriptor instead.

func (*IdentityRef) GetId 

func (x *IdentityRef) GetId() string

func (*IdentityRef) ProtoMessage 

func (*IdentityRef) ProtoMessage()

func (*IdentityRef) ProtoReflect 

func (x *IdentityRef) ProtoReflect() protoreflect.Message

func (*IdentityRef) Reset 

func (x *IdentityRef) Reset()

func (*IdentityRef) String 

func (x *IdentityRef) String() string

type IdentitySigstore 

type IdentitySigstore struct {
	Mode     *string `protobuf:"bytes,1,opt,name=mode,proto3,oneof" json:"mode,omitempty"`   // exact | regexp
	Issuer   string  `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`     // https://accounts.google.com
	Identity string  `protobuf:"bytes,3,opt,name=identity,proto3" json:"identity,omitempty"` //  "identity": "puerco@gmail.com"
	// contains filtered or unexported fields
}

IdentitySigstore represents the identity of a fulcio cert.

func (*IdentitySigstore) Descriptor deprecated 

func (*IdentitySigstore) Descriptor() ([]byte, []int)

Deprecated: Use IdentitySigstore.ProtoReflect.Descriptor instead.

func (*IdentitySigstore) GetIdentity 

func (x *IdentitySigstore) GetIdentity() string

func (*IdentitySigstore) GetIssuer 

func (x *IdentitySigstore) GetIssuer() string

func (*IdentitySigstore) GetMode 

func (x *IdentitySigstore) GetMode() string

func (*IdentitySigstore) ProtoMessage 

func (*IdentitySigstore) ProtoMessage()

func (*IdentitySigstore) ProtoReflect 

func (x *IdentitySigstore) ProtoReflect() protoreflect.Message

func (*IdentitySigstore) Reset 

func (x *IdentitySigstore) Reset()

func (*IdentitySigstore) String 

func (x *IdentitySigstore) String() string

type Meta 

type Meta struct {
	Runtime     string                 `protobuf:"bytes,1,opt,name=runtime,proto3" json:"runtime,omitempty"`
	Description string                 `protobuf:"bytes,2,opt,name=description,proto3" json:"description,omitempty"`
	AssertMode  string                 `protobuf:"bytes,3,opt,name=assert_mode,json=assertMode,proto3" json:"assert_mode,omitempty"`
	Controls    []*Control             `protobuf:"bytes,4,rep,name=controls,proto3" json:"controls,omitempty"`
	Version     int64                  `protobuf:"varint,5,opt,name=version,proto3" json:"version,omitempty"`
	Enforce     string                 `protobuf:"bytes,6,opt,name=enforce,proto3" json:"enforce,omitempty"`
	Expiration  *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=expiration,proto3,oneof" json:"expiration,omitempty"`
	// contains filtered or unexported fields
}

Meta contains information about the policy itself

func (*Meta) Descriptor deprecated 

func (*Meta) Descriptor() ([]byte, []int)

Deprecated: Use Meta.ProtoReflect.Descriptor instead.

func (*Meta) GetAssertMode 

func (x *Meta) GetAssertMode() string

func (*Meta) GetControls 

func (x *Meta) GetControls() []*Control

func (*Meta) GetDescription 

func (x *Meta) GetDescription() string

func (*Meta) GetEnforce 

func (x *Meta) GetEnforce() string

func (*Meta) GetExpiration 

func (x *Meta) GetExpiration() *timestamppb.Timestamp

func (*Meta) GetRuntime 

func (x *Meta) GetRuntime() string

func (*Meta) GetVersion 

func (x *Meta) GetVersion() int64

func (*Meta) ProtoMessage 

func (*Meta) ProtoMessage()

func (*Meta) ProtoReflect 

func (x *Meta) ProtoReflect() protoreflect.Message

func (*Meta) Reset 

func (x *Meta) Reset()

func (*Meta) String 

func (x *Meta) String() string

type Output 

type Output struct {
	Code  string          `protobuf:"bytes,1,opt,name=code,proto3" json:"code,omitempty"`
	Value *structpb.Value `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

func (*Output) Descriptor deprecated 

func (*Output) Descriptor() ([]byte, []int)

Deprecated: Use Output.ProtoReflect.Descriptor instead.

func (*Output) GetCode 

func (x *Output) GetCode() string

func (*Output) GetValue 

func (x *Output) GetValue() *structpb.Value

func (*Output) ProtoMessage 

func (*Output) ProtoMessage()

func (*Output) ProtoReflect 

func (x *Output) ProtoReflect() protoreflect.Message

func (*Output) Reset 

func (x *Output) Reset()

func (*Output) String 

func (x *Output) String() string

type Policy 

type Policy struct {
	Id           string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Source       *PolicyRef             `protobuf:"bytes,2,opt,name=source,proto3" json:"source,omitempty"`
	Meta         *Meta                  `protobuf:"bytes,3,opt,name=meta,proto3" json:"meta,omitempty"`
	Context      map[string]*ContextVal `` /* 141-byte string literal not displayed */
	Chain        []*ChainLink           `protobuf:"bytes,5,rep,name=chain,proto3" json:"chain,omitempty"`
	Identities   []*Identity            `protobuf:"bytes,6,rep,name=identities,proto3" json:"identities,omitempty"`
	Predicates   *PredicateSpec         `protobuf:"bytes,7,opt,name=predicates,proto3" json:"predicates,omitempty"`
	Transformers []*Transformer         `protobuf:"bytes,8,rep,name=transformers,proto3" json:"transformers,omitempty"`
	Tenets       []*Tenet               `protobuf:"bytes,9,rep,name=tenets,proto3" json:"tenets,omitempty"`
	// contains filtered or unexported fields
}

func (*Policy) ContextMap 

func (c *Policy) ContextMap() map[string]any

ContextMap compiles the context data values into a map, filling the fields with their defaults when needed.

func (*Policy) Descriptor deprecated 

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) GetChain 

func (x *Policy) GetChain() []*ChainLink

func (*Policy) GetContext 

func (x *Policy) GetContext() map[string]*ContextVal

func (*Policy) GetId 

func (x *Policy) GetId() string

func (*Policy) GetIdentities 

func (x *Policy) GetIdentities() []*Identity

func (*Policy) GetMeta 

func (x *Policy) GetMeta() *Meta

func (*Policy) GetPredicates 

func (x *Policy) GetPredicates() *PredicateSpec

func (*Policy) GetSource 

func (x *Policy) GetSource() *PolicyRef

func (*Policy) GetTenets 

func (x *Policy) GetTenets() []*Tenet

func (*Policy) GetTransformers 

func (x *Policy) GetTransformers() []*Transformer

func (*Policy) ProtoMessage 

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect 

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset 

func (x *Policy) Reset()

func (*Policy) String 

func (x *Policy) String() string

func (*Policy) TestsControl 

func (policy *Policy) TestsControl(ctrl *Control) bool

func (*Policy) Validate 

func (p *Policy) Validate() error

type PolicyRef 

type PolicyRef struct {
	Id       string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Version  int64                  `protobuf:"varint,2,opt,name=version,proto3" json:"version,omitempty"`
	Identity *Identity              `protobuf:"bytes,3,opt,name=identity,proto3" json:"identity,omitempty"`
	Location *v1.ResourceDescriptor `protobuf:"bytes,4,opt,name=location,proto3" json:"location,omitempty"`
	// contains filtered or unexported fields
}

func (*PolicyRef) Descriptor deprecated 

func (*PolicyRef) Descriptor() ([]byte, []int)

Deprecated: Use PolicyRef.ProtoReflect.Descriptor instead.

func (*PolicyRef) GetId 

func (x *PolicyRef) GetId() string

func (*PolicyRef) GetIdentity 

func (x *PolicyRef) GetIdentity() *Identity

func (*PolicyRef) GetLocation 

func (x *PolicyRef) GetLocation() *v1.ResourceDescriptor

func (*PolicyRef) GetSourceURL 

func (ref *PolicyRef) GetSourceURL() string

GetSourceURL returns the URL to fetch the policy. First, it will try the DownloadLocation, if empty returns the UR

func (*PolicyRef) GetVersion 

func (x *PolicyRef) GetVersion() int64

func (*PolicyRef) ProtoMessage 

func (*PolicyRef) ProtoMessage()

func (*PolicyRef) ProtoReflect 

func (x *PolicyRef) ProtoReflect() protoreflect.Message

func (*PolicyRef) Reset 

func (x *PolicyRef) Reset()

func (*PolicyRef) String 

func (x *PolicyRef) String() string

func (*PolicyRef) Validate 

func (ref *PolicyRef) Validate() error

Validate returns an error if the reference is not valid

type PolicySet 

type PolicySet struct {
	Id       string           `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Meta     *PolicySetMeta   `protobuf:"bytes,2,opt,name=meta,proto3" json:"meta,omitempty"`
	Common   *PolicySetCommon `protobuf:"bytes,3,opt,name=common,proto3" json:"common,omitempty"`
	Policies []*Policy        `protobuf:"bytes,4,rep,name=policies,proto3" json:"policies,omitempty"`
	// contains filtered or unexported fields
}

func (*PolicySet) ContextMap 

func (s *PolicySet) ContextMap() map[string]any

ContextMap compiles the context data values into a map, filling the fields with their defaults when needed.

func (*PolicySet) Descriptor deprecated 

func (*PolicySet) Descriptor() ([]byte, []int)

Deprecated: Use PolicySet.ProtoReflect.Descriptor instead.

func (*PolicySet) GetCommon 

func (x *PolicySet) GetCommon() *PolicySetCommon

func (*PolicySet) GetData 

func (set *PolicySet) GetData() []byte

GetData returns the policy set data marshaled as json.

func (*PolicySet) GetId 

func (x *PolicySet) GetId() string

func (*PolicySet) GetMeta 

func (x *PolicySet) GetMeta() *PolicySetMeta

func (*PolicySet) GetOrigin 

func (set *PolicySet) GetOrigin() attestation.Subject

GetOrigin returns the coordinates where the predicate data originated when the policyset is wrapped in an attestation. At some point this should return the original repo where the set was read from.

func (*PolicySet) GetParsed 

func (set *PolicySet) GetParsed() any

GetParsed returns the PolicySet go struct.

func (*PolicySet) GetPolicies 

func (x *PolicySet) GetPolicies() []*Policy

func (*PolicySet) GetType 

func (set *PolicySet) GetType() attestation.PredicateType

func (*PolicySet) GetVerification 

func (set *PolicySet) GetVerification() attestation.Verification

GetVerification returns the signature verification generated from the envelope parser. The verification may contain details about the integrity, identity and signature guarding the PolicySet.

func (*PolicySet) ProtoMessage 

func (*PolicySet) ProtoMessage()

func (*PolicySet) ProtoReflect 

func (x *PolicySet) ProtoReflect() protoreflect.Message

func (*PolicySet) Reset 

func (x *PolicySet) Reset()

func (*PolicySet) SetOrigin 

func (set *PolicySet) SetOrigin(attestation.Subject)

func (*PolicySet) SetType 

func (set *PolicySet) SetType(attestation.PredicateType) error

func (*PolicySet) SetVerification 

func (set *PolicySet) SetVerification(attestation.Verification)

SetVerification gets the signature verification data from the envelope parser before discarding the envelope. This is supposed the be stored for later retrieval. Note: Currently NOOP.

func (*PolicySet) String 

func (x *PolicySet) String() string

func (*PolicySet) Validate 

func (set *PolicySet) Validate() error

type PolicySetCommon 

type PolicySetCommon struct {
	Identities []*Identity            `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"`
	References []*PolicyRef           `protobuf:"bytes,2,rep,name=references,proto3" json:"references,omitempty"`
	Context    map[string]*ContextVal `` /* 141-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*PolicySetCommon) Descriptor deprecated 

func (*PolicySetCommon) Descriptor() ([]byte, []int)

Deprecated: Use PolicySetCommon.ProtoReflect.Descriptor instead.

func (*PolicySetCommon) GetContext 

func (x *PolicySetCommon) GetContext() map[string]*ContextVal

func (*PolicySetCommon) GetIdentities 

func (x *PolicySetCommon) GetIdentities() []*Identity

func (*PolicySetCommon) GetReferences 

func (x *PolicySetCommon) GetReferences() []*PolicyRef

func (*PolicySetCommon) ProtoMessage 

func (*PolicySetCommon) ProtoMessage()

func (*PolicySetCommon) ProtoReflect 

func (x *PolicySetCommon) ProtoReflect() protoreflect.Message

func (*PolicySetCommon) Reset 

func (x *PolicySetCommon) Reset()

func (*PolicySetCommon) String 

func (x *PolicySetCommon) String() string

type PolicySetMeta 

type PolicySetMeta struct {
	Runtime     string                 `protobuf:"bytes,1,opt,name=runtime,proto3" json:"runtime,omitempty"`
	Description string                 `protobuf:"bytes,2,opt,name=description,proto3" json:"description,omitempty"`
	Expiration  *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=expiration,proto3" json:"expiration,omitempty"`
	Version     int64                  `protobuf:"varint,4,opt,name=version,proto3" json:"version,omitempty"`
	Enforce     string                 `protobuf:"bytes,5,opt,name=enforce,proto3" json:"enforce,omitempty"`
	Frameworks  []*FrameworkRef        `protobuf:"bytes,6,rep,name=frameworks,proto3" json:"frameworks,omitempty"`
	// contains filtered or unexported fields
}

func (*PolicySetMeta) Descriptor deprecated 

func (*PolicySetMeta) Descriptor() ([]byte, []int)

Deprecated: Use PolicySetMeta.ProtoReflect.Descriptor instead.

func (*PolicySetMeta) GetDescription 

func (x *PolicySetMeta) GetDescription() string

func (*PolicySetMeta) GetEnforce 

func (x *PolicySetMeta) GetEnforce() string

func (*PolicySetMeta) GetExpiration 

func (x *PolicySetMeta) GetExpiration() *timestamppb.Timestamp

func (*PolicySetMeta) GetFrameworks 

func (x *PolicySetMeta) GetFrameworks() []*FrameworkRef

func (*PolicySetMeta) GetRuntime 

func (x *PolicySetMeta) GetRuntime() string

func (*PolicySetMeta) GetVersion 

func (x *PolicySetMeta) GetVersion() int64

func (*PolicySetMeta) ProtoMessage 

func (*PolicySetMeta) ProtoMessage()

func (*PolicySetMeta) ProtoReflect 

func (x *PolicySetMeta) ProtoReflect() protoreflect.Message

func (*PolicySetMeta) Reset 

func (x *PolicySetMeta) Reset()

func (*PolicySetMeta) String 

func (x *PolicySetMeta) String() string

type PredicateSpec 

type PredicateSpec struct {
	Types []string `protobuf:"bytes,1,rep,name=types,proto3" json:"types,omitempty"`
	Limit int32    `protobuf:"varint,2,opt,name=limit,proto3" json:"limit,omitempty"`
	// contains filtered or unexported fields
}

func (*PredicateSpec) Descriptor deprecated 

func (*PredicateSpec) Descriptor() ([]byte, []int)

Deprecated: Use PredicateSpec.ProtoReflect.Descriptor instead.

func (*PredicateSpec) GetLimit 

func (x *PredicateSpec) GetLimit() int32

func (*PredicateSpec) GetTypes 

func (x *PredicateSpec) GetTypes() []string

func (*PredicateSpec) ProtoMessage 

func (*PredicateSpec) ProtoMessage()

func (*PredicateSpec) ProtoReflect 

func (x *PredicateSpec) ProtoReflect() protoreflect.Message

func (*PredicateSpec) Reset 

func (x *PredicateSpec) Reset()

func (*PredicateSpec) String 

func (x *PredicateSpec) String() string

type Result 

type Result struct {
	Status      string                 `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
	DateStart   *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=date_start,json=dateStart,proto3" json:"date_start,omitempty"`
	DateEnd     *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=date_end,json=dateEnd,proto3" json:"date_end,omitempty"`
	Policy      *PolicyRef             `protobuf:"bytes,4,opt,name=policy,proto3" json:"policy,omitempty"`
	EvalResults []*EvalResult          `protobuf:"bytes,5,rep,name=eval_results,json=evalResults,proto3" json:"eval_results,omitempty"`
	Meta        *Meta                  `protobuf:"bytes,6,opt,name=meta,proto3" json:"meta,omitempty"`
	Context     *structpb.Struct       `protobuf:"bytes,7,opt,name=context,proto3" json:"context,omitempty"`
	Chain       []*ChainedSubject      `protobuf:"bytes,8,rep,name=chain,proto3" json:"chain,omitempty"`
	Subject     *v1.ResourceDescriptor `protobuf:"bytes,9,opt,name=subject,proto3" json:"subject,omitempty"`
	// contains filtered or unexported fields
}

func (*Result) Descriptor deprecated 

func (*Result) Descriptor() ([]byte, []int)

Deprecated: Use Result.ProtoReflect.Descriptor instead.

func (*Result) GetChain 

func (x *Result) GetChain() []*ChainedSubject

func (*Result) GetContext 

func (x *Result) GetContext() *structpb.Struct

func (*Result) GetDateEnd 

func (x *Result) GetDateEnd() *timestamppb.Timestamp

func (*Result) GetDateStart 

func (x *Result) GetDateStart() *timestamppb.Timestamp

func (*Result) GetEvalResults 

func (x *Result) GetEvalResults() []*EvalResult

func (*Result) GetMeta 

func (x *Result) GetMeta() *Meta

func (*Result) GetPolicy 

func (x *Result) GetPolicy() *PolicyRef

func (*Result) GetStatus 

func (x *Result) GetStatus() string

func (*Result) GetSubject 

func (x *Result) GetSubject() *v1.ResourceDescriptor

func (*Result) MarshalJSON 

func (r *Result) MarshalJSON() ([]byte, error)

func (*Result) ProtoMessage 

func (*Result) ProtoMessage()

func (*Result) ProtoReflect 

func (x *Result) ProtoReflect() protoreflect.Message

func (*Result) Reset 

func (x *Result) Reset()

func (*Result) String 

func (x *Result) String() string

type ResultSet 

type ResultSet struct {
	Id        string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Meta      *PolicySetMeta         `protobuf:"bytes,2,opt,name=meta,proto3" json:"meta,omitempty"`
	Status    string                 `protobuf:"bytes,3,opt,name=status,proto3" json:"status,omitempty"`
	DateStart *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=date_start,json=dateStart,proto3" json:"date_start,omitempty"`
	DateEnd   *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=date_end,json=dateEnd,proto3" json:"date_end,omitempty"`
	Subject   *v1.ResourceDescriptor `protobuf:"bytes,6,opt,name=subject,proto3" json:"subject,omitempty"`
	Results   []*Result              `protobuf:"bytes,7,rep,name=results,proto3" json:"results,omitempty"`
	// contains filtered or unexported fields
}

func (*ResultSet) Assert 

func (rs *ResultSet) Assert() error

Assert reads the set's results and computes the finish date and set eval status.

func (*ResultSet) Descriptor deprecated 

func (*ResultSet) Descriptor() ([]byte, []int)

Deprecated: Use ResultSet.ProtoReflect.Descriptor instead.

func (*ResultSet) GetDateEnd 

func (x *ResultSet) GetDateEnd() *timestamppb.Timestamp

func (*ResultSet) GetDateStart 

func (x *ResultSet) GetDateStart() *timestamppb.Timestamp

func (*ResultSet) GetId 

func (x *ResultSet) GetId() string

func (*ResultSet) GetMeta 

func (x *ResultSet) GetMeta() *PolicySetMeta

func (*ResultSet) GetResults 

func (x *ResultSet) GetResults() []*Result

func (*ResultSet) GetStatus 

func (x *ResultSet) GetStatus() string

func (*ResultSet) GetSubject 

func (x *ResultSet) GetSubject() *v1.ResourceDescriptor

func (*ResultSet) MarshalJSON 

func (rs *ResultSet) MarshalJSON() ([]byte, error)

func (*ResultSet) ProtoMessage 

func (*ResultSet) ProtoMessage()

func (*ResultSet) ProtoReflect 

func (x *ResultSet) ProtoReflect() protoreflect.Message

func (*ResultSet) Reset 

func (x *ResultSet) Reset()

func (*ResultSet) String 

func (x *ResultSet) String() string

type Results 

type Results interface {
	GetStatus() string
}

type SignatureVerification 

type SignatureVerification struct {

	// Date when the verification was performed
	Date *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=date,proto3" json:"date,omitempty"`
	// SignatureVerified is set to true when a hash's signature was verified
	// with at least one key or cert. Verified does not imply any identity check.
	Verified bool `protobuf:"varint,2,opt,name=verified,proto3" json:"verified,omitempty"`
	// Identities has a list of the identities (sigstore signers or keys)
	// that signed the object.
	Identities []*Identity `protobuf:"bytes,3,rep,name=Identities,proto3" json:"Identities,omitempty"`
	// contains filtered or unexported fields
}

func (*SignatureVerification) Descriptor deprecated 

func (*SignatureVerification) Descriptor() ([]byte, []int)

Deprecated: Use SignatureVerification.ProtoReflect.Descriptor instead.

func (*SignatureVerification) GetDate 

func (x *SignatureVerification) GetDate() *timestamppb.Timestamp

func (*SignatureVerification) GetIdentities 

func (x *SignatureVerification) GetIdentities() []*Identity

func (*SignatureVerification) GetVerified 

func (x *SignatureVerification) GetVerified() bool

func (*SignatureVerification) MatchesIdentity 

func (sv *SignatureVerification) MatchesIdentity(id *Identity) bool

HasIdentity returns true if one of the verifiers matches the passed identity

func (*SignatureVerification) MatchesKeyIdentity 

func (sv *SignatureVerification) MatchesKeyIdentity(keyIdentity *IdentityKey) bool

MatchesKeyIdentity returns true if one of the verified signatures was performed with the specified key.

func (*SignatureVerification) MatchesSigstoreIdentity 

func (sv *SignatureVerification) MatchesSigstoreIdentity(id *IdentitySigstore) bool

HasIdentity returns true if one of the verifiers matches the passed sigstore identity.

func (*SignatureVerification) ProtoMessage 

func (*SignatureVerification) ProtoMessage()

func (*SignatureVerification) ProtoReflect 

func (x *SignatureVerification) ProtoReflect() protoreflect.Message

func (*SignatureVerification) Reset 

func (x *SignatureVerification) Reset()

func (*SignatureVerification) String 

func (x *SignatureVerification) String() string

type StatementRef 

type StatementRef struct {
	Type        string                 `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	Attestation *v1.ResourceDescriptor `protobuf:"bytes,2,opt,name=attestation,proto3" json:"attestation,omitempty"`
	// contains filtered or unexported fields
}

func (*StatementRef) Descriptor deprecated 

func (*StatementRef) Descriptor() ([]byte, []int)

Deprecated: Use StatementRef.ProtoReflect.Descriptor instead.

func (*StatementRef) GetAttestation 

func (x *StatementRef) GetAttestation() *v1.ResourceDescriptor

func (*StatementRef) GetType 

func (x *StatementRef) GetType() string

func (*StatementRef) ProtoMessage 

func (*StatementRef) ProtoMessage()

func (*StatementRef) ProtoReflect 

func (x *StatementRef) ProtoReflect() protoreflect.Message

func (*StatementRef) Reset 

func (x *StatementRef) Reset()

func (*StatementRef) String 

func (x *StatementRef) String() string

type Tenet 

type Tenet struct {
	Id         string             `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Runtime    string             `protobuf:"bytes,2,opt,name=runtime,proto3" json:"runtime,omitempty"`
	Code       string             `protobuf:"bytes,3,opt,name=code,proto3" json:"code,omitempty"`
	Predicates *PredicateSpec     `protobuf:"bytes,4,opt,name=predicates,proto3" json:"predicates,omitempty"`
	Outputs    map[string]*Output `` /* 141-byte string literal not displayed */
	Error      *Error             `protobuf:"bytes,6,opt,name=error,proto3" json:"error,omitempty"`
	Title      string             `protobuf:"bytes,7,opt,name=title,proto3" json:"title,omitempty"`
	Assessment *Assessment        `protobuf:"bytes,8,opt,name=assessment,proto3" json:"assessment,omitempty"`
	// contains filtered or unexported fields
}

Tenet

func (*Tenet) Descriptor deprecated 

func (*Tenet) Descriptor() ([]byte, []int)

Deprecated: Use Tenet.ProtoReflect.Descriptor instead.

func (*Tenet) GetAssessment 

func (x *Tenet) GetAssessment() *Assessment

func (*Tenet) GetCode 

func (x *Tenet) GetCode() string

func (*Tenet) GetError 

func (x *Tenet) GetError() *Error

func (*Tenet) GetId 

func (x *Tenet) GetId() string

func (*Tenet) GetOutputs 

func (x *Tenet) GetOutputs() map[string]*Output

func (*Tenet) GetPredicates 

func (x *Tenet) GetPredicates() *PredicateSpec

func (*Tenet) GetRuntime 

func (x *Tenet) GetRuntime() string

func (*Tenet) GetTitle 

func (x *Tenet) GetTitle() string

func (*Tenet) ProtoMessage 

func (*Tenet) ProtoMessage()

func (*Tenet) ProtoReflect 

func (x *Tenet) ProtoReflect() protoreflect.Message

func (*Tenet) Reset 

func (x *Tenet) Reset()

func (*Tenet) String 

func (x *Tenet) String() string

type Transformer 

type Transformer struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

Este hay que arreglarlo

func (*Transformer) Descriptor deprecated 

func (*Transformer) Descriptor() ([]byte, []int)

Deprecated: Use Transformer.ProtoReflect.Descriptor instead.

func (*Transformer) GetId 

func (x *Transformer) GetId() string

func (*Transformer) ProtoMessage 

func (*Transformer) ProtoMessage()

func (*Transformer) ProtoReflect 

func (x *Transformer) ProtoReflect() protoreflect.Message

func (*Transformer) Reset 

func (x *Transformer) Reset()

func (*Transformer) String 

func (x *Transformer) String() string

type Verification 

type Verification struct {
	Signature *SignatureVerification `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
	// contains filtered or unexported fields
}

Results of the signature verification process

func (*Verification) Descriptor deprecated 

func (*Verification) Descriptor() ([]byte, []int)

Deprecated: Use Verification.ProtoReflect.Descriptor instead.

func (*Verification) GetSignature 

func (x *Verification) GetSignature() *SignatureVerification

func (*Verification) GetVerified 

func (v *Verification) GetVerified() bool

func (*Verification) MatchesIdentity 

func (v *Verification) MatchesIdentity(rawID any) bool

MatchesIdentity returns true if one of the verified signatures matches the identity.

func (*Verification) ProtoMessage 

func (*Verification) ProtoMessage()

func (*Verification) ProtoReflect 

func (x *Verification) ProtoReflect() protoreflect.Message

func (*Verification) Reset 

func (x *Verification) Reset()

func (*Verification) String 

func (x *Verification) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.