Constants ¶
// PredicateTypeV02 is the string "chainloop.dev/attestation/v0.2".
// NOTE(review): presumably this is the predicate type value consumers compare
// against before decoding a payload as ProvenancePredicateV02 — confirm in ExtractPredicate.
const PredicateTypeV02 = "chainloop.dev/attestation/v0.2"
Version 0.2 of the predicate replaces the custom material type with the in-toto resource descriptor: https://github.com/in-toto/attestation/blob/main/spec/v1.0/resource_descriptor.md
const (
	// Subject names
	// SubjectGitHead is the subject name "git.head".
	// NOTE(review): presumably the subject that carries the git HEAD commit of
	// the attested repository — confirm against the renderer.
	SubjectGitHead = "git.head"
)
Variables ¶
// Annotation keys for the type, name and CAS attributes of a material.
// Each key is produced by prefixed(), which is not shown on this page, so the
// final key strings cannot be read off here.
// NOTE(review): presumably these keys are set on each material's resource
// descriptor and read back when normalizing it — confirm. If so, the values are
// attestation content and carry no more trust than the envelope they came in.
var (
	AnnotationMaterialType = prefixed("material.type")
	AnnotationMaterialName = prefixed("material.name")
	AnnotationMaterialCAS  = prefixed("material.cas")
)
Functions ¶
Types ¶
type Maintainer ¶
type Metadata ¶
// Metadata holds the identifying fields and timestamps that
// ProvenancePredicateCommon serializes under its "metadata" key.
// The struct tags give the JSON key of every field; none of them uses
// omitempty, so empty strings and nil timestamps are still emitted.
//
// NOTE(review): these values are read from the predicate payload, so they are
// only as trustworthy as the envelope that carried them. Signature verification
// is not shown on this page.
type Metadata struct {
	Name    string `json:"name"`
	Project string `json:"project"`
	Team    string `json:"team"`
	// InitializedAt and FinishedAt are pointers and may be nil; a nil value is
	// encoded as JSON null because the tags have no omitempty.
	InitializedAt *time.Time `json:"initializedAt"`
	FinishedAt    *time.Time `json:"finishedAt"`
	WorkflowRunID string     `json:"workflowRunID"`
	WorkflowID    string     `json:"workflowID"`
	Organization  string     `json:"organization"`
}
type NormalizablePredicate ¶
// NormalizablePredicate is the read-only view that ExtractPredicate returns.
// On this page ProvenancePredicateV02 provides all six methods: four are
// promoted from the embedded *ProvenancePredicateCommon, and it declares
// GetMaterials and GetPolicyEvaluations itself.
type NormalizablePredicate interface {
	// GetAnnotations returns a string-to-string map.
	// NOTE(review): presumably the predicate-level custom annotations — confirm.
	GetAnnotations() map[string]string
	// GetEnvVars returns a string-to-string map.
	// NOTE(review): presumably the Env field of the predicate — confirm.
	GetEnvVars() map[string]string
	// GetMaterials returns the materials as NormalizedMaterial values, whatever
	// representation the predicate version stores (v0.2 stores in-toto
	// resource descriptors).
	GetMaterials() []*NormalizedMaterial
	// GetRunLink returns a string.
	// NOTE(review): presumably the runner URL of the workflow run — confirm.
	GetRunLink() string
	// GetMetadata returns a *Metadata.
	// NOTE(review): whether it can be nil is not visible here; check before dereferencing.
	GetMetadata() *Metadata
	// GetPolicyEvaluations returns policy evaluations grouped under string keys.
	// NOTE(review): the key is presumably the material name — confirm.
	GetPolicyEvaluations() map[string][]*v1.PolicyEvaluation
}
NormalizablePredicate is a common interface for extracting materials and env vars from a predicate.
func ExtractPredicate ¶
func ExtractPredicate(envelope *dsse.Envelope) (NormalizablePredicate, error)
ExtractPredicate extracts the Chainloop attestation predicate from an encoded DSSE envelope. NOTE: We return a NormalizablePredicate interface to allow future versions of the predicate to be extracted without updating the consumer. Yes, having the producer define and return an interface is an anti-pattern, but it greatly simplifies the code, since there are multiple consumers at different layers of the app and we expect predicates to evolve quickly. The signature takes only the envelope, with no key or verifier, so it presumably does not check the envelope's signatures; verify the envelope before trusting the extracted predicate.
type NormalizedMaterial ¶
// NormalizedMaterial is the version-independent form of a material, as
// returned by NormalizablePredicate.GetMaterials. The struct has no JSON tags.
//
// NOTE(review): every field is derived from attestation content. Treat the
// values as untrusted until the enclosing envelope has been verified.
type NormalizedMaterial struct {
	// Name of the Material
	Name string
	// Type of the Material
	Type string
	// Filename of the artifact that was either uploaded or injected inline in "value".
	// NOTE(review): sanitize this before using it as a local path when saving the
	// material to disk, since it comes from the attestation.
	Filename string
	// Inline content for an artifact or string material
	Value string
	// Hash of the Material. It is a pointer and may be nil.
	// NOTE(review): when a material is fetched from CAS, the downloaded bytes
	// should be checked against this hash — confirm whether the CAS client already does so.
	Hash *crv1.Hash
	// Tag of the container image
	Tag string
	// Whether the Material was uploaded and available for download from CAS
	UploadedToCAS bool
	// Whether the Material was embedded inline in the attestation
	EmbeddedInline bool
	// Custom annotations
	Annotations map[string]string
}
type ProvenancePredicateCommon ¶
// ProvenancePredicateCommon holds the predicate fields that
// ProvenancePredicateV02 embeds by pointer. The struct tags give the JSON key
// of each field; Env, RunnerURL and Annotations are omitted when empty.
type ProvenancePredicateCommon struct {
	Metadata *Metadata `json:"metadata"`
	// builder is an unexported type that is not shown on this page.
	Builder   *builder `json:"builder"`
	BuildType string   `json:"buildType"`
	// Env is serialized under "env".
	// NOTE(review): anything placed here becomes part of the attestation
	// payload, so it should never hold secrets. Confirm that the producer
	// filters the environment before populating it.
	Env        map[string]string `json:"env,omitempty"`
	RunnerType string            `json:"runnerType"`
	RunnerURL  string            `json:"runnerURL,omitempty"`
	// Custom annotations
	Annotations map[string]string `json:"annotations,omitempty"`
}
func (*ProvenancePredicateCommon) GetAnnotations ¶
func (p *ProvenancePredicateCommon) GetAnnotations() map[string]string
func (*ProvenancePredicateCommon) GetEnvVars ¶
func (p *ProvenancePredicateCommon) GetEnvVars() map[string]string
Implement NormalizablePredicate interface
func (*ProvenancePredicateCommon) GetMetadata ¶
func (p *ProvenancePredicateCommon) GetMetadata() *Metadata
func (*ProvenancePredicateCommon) GetRunLink ¶
func (p *ProvenancePredicateCommon) GetRunLink() string
type ProvenancePredicateV02 ¶
// ProvenancePredicateV02 is the common predicate plus materials expressed as
// in-toto resource descriptors and a map of policy evaluations.
type ProvenancePredicateV02 struct {
	// The common fields are embedded by pointer, so a zero-value
	// ProvenancePredicateV02 has a nil *ProvenancePredicateCommon.
	// NOTE(review): whether the promoted getters tolerate a nil receiver is not
	// visible here — confirm before calling them on a hand-built value.
	*ProvenancePredicateCommon
	// Materials is serialized under "materials" and omitted when empty.
	Materials []*intoto.ResourceDescriptor `json:"materials,omitempty"`
	// Map materials and policies
	// NOTE(review): the map key is presumably the material name — confirm.
	PolicyEvaluations map[string][]*v1.PolicyEvaluation `json:"policy_evaluations,omitempty"`
}
func (*ProvenancePredicateV02) GetMaterials ¶
func (p *ProvenancePredicateV02) GetMaterials() []*NormalizedMaterial
Implement NormalizablePredicate interface
func (*ProvenancePredicateV02) GetPolicyEvaluations ¶
func (p *ProvenancePredicateV02) GetPolicyEvaluations() map[string][]*v1.PolicyEvaluation
type RendererCommon ¶
// RendererCommon exposes no exported fields; RendererV02 embeds it by pointer.
type RendererCommon struct {
	// contains filtered or unexported fields
}
type RendererV02 ¶
// RendererV02 embeds *RendererCommon and is the type returned by
// NewChainloopRendererV02.
// NOTE(review): presumably it renders an attestation into the v0.2 predicate;
// its methods are not listed on this page — confirm.
type RendererV02 struct {
	*RendererCommon
}
func NewChainloopRendererV02 ¶
func NewChainloopRendererV02(att *v1.Attestation, builderVersion, builderDigest string) *RendererV02