materials

package
v1.51.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 31, 2025 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CategorySecurityIncidentResponse = "csaf_security_incident_response"
	CategoryInformationalAdvisory    = "csaf_informational_advisory"
	CategorySecurityAdvisory         = "csaf_security_advisory"
	CategoryVEX                      = "csaf_vex"
)
View Source 
const (
	AnnotationToolNameKey    = "chainloop.material.tool.name"
	AnnotationToolVersionKey = "chainloop.material.tool.version"
	AnnotationToolsKey       = "chainloop.material.tools"
)

Variables

View Source 
var (
	// ErrInvalidMaterialType is returned when the provided material type
	// is not from the kind we are expecting
	ErrInvalidMaterialType = fmt.Errorf("unexpected material type")
	// ErrBaseUploadAndCraft is returned as a base error when the upload and craft of a material fails
	ErrBaseUploadAndCraft = errors.New("upload and craft error")
)

Functions

func Craft 

func Craft(ctx context.Context, materialSchema *schemaapi.CraftingSchema_Material, value string, casBackend *casclient.CASBackend, ociAuth authn.Keychain, logger *zerolog.Logger) (*api.Attestation_Material, error)

func IsLegacyAnnotation added in v1.50.0 

func IsLegacyAnnotation(key string) bool

IsLegacyAnnotation returns true if the annotation key is a legacy annotation

func SetToolsAnnotation added in v1.50.0 

func SetToolsAnnotation(m *api.Attestation_Material, tools []Tool)

SetToolsAnnotation sets the tools annotation as a JSON array in "name@version" format

Types

type ArtifactCrafter 

type ArtifactCrafter struct {
	// contains filtered or unexported fields
}

func NewArtifactCrafter 

func NewArtifactCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*ArtifactCrafter, error)

func (*ArtifactCrafter) Craft 

func (i *ArtifactCrafter) Craft(ctx context.Context, artifactPath string) (*api.Attestation_Material, error)

Craft will calculate the digest of the artifact, simulate an upload and return the material definition

type AttestationCrafter 

type AttestationCrafter struct {
	// contains filtered or unexported fields
}

func NewAttestationCrafter 

func NewAttestationCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*AttestationCrafter, error)

NewAttestationCrafter generates a new Attestation material. Attestation materials represent a chainloop attestation submitted in a different workflow. This is useful to link related workflow runs. For instance, the deployment of different microservices coming from a common build workflow.

func (*AttestationCrafter) Craft 

func (i *AttestationCrafter) Craft(ctx context.Context, artifactPath string) (*api.Attestation_Material, error)

Craft will calculate the digest of the artifact, simulate an upload and return the material definition

type BlackduckSCAJSONCrafter added in v0.96.14 

type BlackduckSCAJSONCrafter struct {
	// contains filtered or unexported fields
}

func NewBlackduckSCAJSONCrafter added in v0.96.14 

func NewBlackduckSCAJSONCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*BlackduckSCAJSONCrafter, error)

func (*BlackduckSCAJSONCrafter) Craft added in v0.96.14 

func (i *BlackduckSCAJSONCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type CSAFCrafter 

type CSAFCrafter struct {
	// contains filtered or unexported fields
}

CSAFCrafter is a crafter for CSAF VEX, CSAF Informational Advisory, CSAF Security Incident Response, and CSAF Security Advisory material types. It implements the Crafter interface.

func NewCSAFInformationalAdvisoryCrafter 

func NewCSAFInformationalAdvisoryCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*CSAFCrafter, error)

NewCSAFInformationalAdvisoryCrafter creates a new CSAF Informational Advisory crafter

func NewCSAFSecurityAdvisoryCrafter 

func NewCSAFSecurityAdvisoryCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*CSAFCrafter, error)

NewCSAFSecurityAdvisoryCrafter creates a new CSAF Security Advisory crafter

func NewCSAFSecurityIncidentResponseCrafter 

func NewCSAFSecurityIncidentResponseCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*CSAFCrafter, error)

NewCSAFSecurityIncidentResponseCrafter creates a new CSAF Security Incident Response crafter

func NewCSAFVEXCrafter 

func NewCSAFVEXCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*CSAFCrafter, error)

NewCSAFVEXCrafter creates a new CSAF VEX crafter

func (*CSAFCrafter) Craft 

func (i *CSAFCrafter) Craft(ctx context.Context, filepath string) (*api.Attestation_Material, error)

type Craftable 

type Craftable interface {
	Craft(ctx context.Context, value string) (*api.Attestation_Material, error)
}

type CyclonedxJSONCrafter 

type CyclonedxJSONCrafter struct {
	// contains filtered or unexported fields
}

func NewCyclonedxJSONCrafter 

func NewCyclonedxJSONCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*CyclonedxJSONCrafter, error)

func (*CyclonedxJSONCrafter) Craft 

func (i *CyclonedxJSONCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type EvidenceCrafter 

type EvidenceCrafter struct {
	// contains filtered or unexported fields
}

func NewEvidenceCrafter 

func NewEvidenceCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*EvidenceCrafter, error)

NewEvidenceCrafter generates a new Evidence material. Pieces of evidences represent generic, additional context that don't fit into one of the well known material types. For example, a custom approval report (in json), ...

func (*EvidenceCrafter) Craft 

func (i *EvidenceCrafter) Craft(ctx context.Context, artifactPath string) (*api.Attestation_Material, error)

Craft will calculate the digest of the artifact, simulate an upload and return the material definition If the evidence is in JSON format with id, data (and optionally schema) fields, it will extract those as annotations

type GHASCodeScanCrafter added in v0.97.2 

type GHASCodeScanCrafter struct {
	// contains filtered or unexported fields
}

func NewGHASCodeScanCrafter added in v0.97.2 

func NewGHASCodeScanCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*GHASCodeScanCrafter, error)

func (*GHASCodeScanCrafter) Craft added in v0.97.2 

func (i *GHASCodeScanCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

Craft will validate the CodeScan alerts report and craft the material

type GHASDependencyScanCrafter added in v0.97.2 

type GHASDependencyScanCrafter struct {
	// contains filtered or unexported fields
}

func NewGHASDependencyScanCrafter added in v0.97.2 

func NewGHASDependencyScanCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*GHASDependencyScanCrafter, error)

func (*GHASDependencyScanCrafter) Craft added in v0.97.2 

func (i *GHASDependencyScanCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

Craft will validate the CodeScan alerts report and craft the material

type GHASSecretScanCrafter added in v0.97.2 

type GHASSecretScanCrafter struct {
	// contains filtered or unexported fields
}

func NewGHASSecretScanCrafter added in v0.97.2 

func NewGHASSecretScanCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*GHASSecretScanCrafter, error)

func (*GHASSecretScanCrafter) Craft added in v0.97.2 

func (i *GHASSecretScanCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

Craft will validate the CodeScan alerts report and craft the material

type GitlabCrafter added in v0.96.10 

type GitlabCrafter struct {
	// contains filtered or unexported fields
}

func NewGitlabCrafter added in v0.96.10 

func NewGitlabCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*GitlabCrafter, error)

func (*GitlabCrafter) Craft added in v0.96.10 

func (i *GitlabCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type HelmChartCrafter 

type HelmChartCrafter struct {
	// contains filtered or unexported fields
}

func NewHelmChartCrafter 

func NewHelmChartCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, ociAuth authn.Keychain,
	l *zerolog.Logger) (*HelmChartCrafter, error)

func (*HelmChartCrafter) Craft 

func (c *HelmChartCrafter) Craft(ctx context.Context, helmChartRef string) (*api.Attestation_Material, error)

type JUnitXMLCrafter 

type JUnitXMLCrafter struct {
	// contains filtered or unexported fields
}

func NewJUnitXMLCrafter 

func NewJUnitXMLCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*JUnitXMLCrafter, error)

func (*JUnitXMLCrafter) Craft 

func (i *JUnitXMLCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type JacocoCrafter added in v0.136.0 

type JacocoCrafter struct {
	// contains filtered or unexported fields
}

func NewJacocoCrafter added in v0.136.0 

func NewJacocoCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) *JacocoCrafter

func (*JacocoCrafter) Craft added in v0.136.0 

func (c *JacocoCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type OCICraftOpt added in v0.100.0 

type OCICraftOpt func(*OCIImageCrafter)

func WithArtifactTypeValidation added in v0.100.0 

func WithArtifactTypeValidation(artifactTypeValidation string) OCICraftOpt

type OCIImageCrafter 

type OCIImageCrafter struct {
	// contains filtered or unexported fields
}

func NewOCIImageCrafter 

func NewOCIImageCrafter(schema *schemaapi.CraftingSchema_Material, ociAuth authn.Keychain, l *zerolog.Logger, opts ...OCICraftOpt) (*OCIImageCrafter, error)

func (*OCIImageCrafter) Craft 

func (i *OCIImageCrafter) Craft(_ context.Context, imageRef string) (*api.Attestation_Material, error)

type OpenVEXCrafter 

type OpenVEXCrafter struct {
	// contains filtered or unexported fields
}

func NewOpenVEXCrafter 

func NewOpenVEXCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*OpenVEXCrafter, error)

func (*OpenVEXCrafter) Craft 

func (i *OpenVEXCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type RunnerContextCrafter added in v1.25.0 

type RunnerContextCrafter struct {
	// contains filtered or unexported fields
}

func NewRunnerContextCrafter added in v1.25.0 

func NewRunnerContextCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*RunnerContextCrafter, error)

func (*RunnerContextCrafter) Craft added in v1.25.0 

func (r *RunnerContextCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type SARIFCrafter 

type SARIFCrafter struct {
	// contains filtered or unexported fields
}

func NewSARIFCrafter 

func NewSARIFCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*SARIFCrafter, error)

func (*SARIFCrafter) Craft 

func (i *SARIFCrafter) Craft(ctx context.Context, filepath string) (*api.Attestation_Material, error)

type SBOMMainComponentInfo added in v0.139.0 

type SBOMMainComponentInfo struct {
	// contains filtered or unexported fields
}

SBOMMainComponentInfo is a struct that holds the main component information for a SBOM

type SLSAProvenanceCrafter added in v0.184.0 

type SLSAProvenanceCrafter struct {
	// contains filtered or unexported fields
}

func NewSLSAProvenanceCrafter added in v0.184.0 

func NewSLSAProvenanceCrafter(schema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*SLSAProvenanceCrafter, error)

SLSA Provenance in the form of Sigstore Bundle https://slsa.dev/spec/v1.0/provenance https://docs.sigstore.dev/about/bundle/

func (*SLSAProvenanceCrafter) Craft added in v0.184.0 

func (i *SLSAProvenanceCrafter) Craft(ctx context.Context, artifactPath string) (*api.Attestation_Material, error)

Craft will calculate the digest of the artifact, simulate an upload and return the material definition

type SPDXJSONCrafter 

type SPDXJSONCrafter struct {
	// contains filtered or unexported fields
}

func NewSPDXJSONCrafter 

func NewSPDXJSONCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*SPDXJSONCrafter, error)

func (*SPDXJSONCrafter) Craft 

func (i *SPDXJSONCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type StringCrafter 

type StringCrafter struct {
	// contains filtered or unexported fields
}

func NewStringCrafter 

func NewStringCrafter(materialSchema *schemaapi.CraftingSchema_Material) (*StringCrafter, error)

func (*StringCrafter) Craft 

func (i *StringCrafter) Craft(_ context.Context, value string) (*api.Attestation_Material, error)

type Tool added in v1.50.0 

type Tool struct {
	Name    string
	Version string
}

Tool represents a tool with name and version

type TwistCLIScanCrafter added in v0.96.14 

type TwistCLIScanCrafter struct {
	// contains filtered or unexported fields
}

func NewTwistCLIScanCrafter added in v0.96.14 

func NewTwistCLIScanCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*TwistCLIScanCrafter, error)

func (*TwistCLIScanCrafter) Craft added in v0.96.14 

func (i *TwistCLIScanCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

type ZAPCrafter added in v0.96.14 

type ZAPCrafter struct {
	// contains filtered or unexported fields
}

func NewZAPCrafter added in v0.96.14 

func NewZAPCrafter(materialSchema *schemaapi.CraftingSchema_Material, backend *casclient.CASBackend, l *zerolog.Logger) (*ZAPCrafter, error)

func (*ZAPCrafter) Craft added in v0.96.14 

func (i *ZAPCrafter) Craft(ctx context.Context, filePath string) (*api.Attestation_Material, error)

Craft will extract the ZAP JSON report from the zip file and upload it to the CAS

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.