applicationsnapshot

package
v0.8.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 22, 2025 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	JSON            = "json"
	YAML            = "yaml"
	Text            = "text"
	AppStudio       = "appstudio"
	Summary         = "summary"
	SummaryMarkdown = "summary-markdown"
	JUnit           = "junit"
	Attestation     = "attestation"
	PolicyInput     = "policy-input"
	VSA             = "vsa"
	// Deprecated old version of appstudio. Remove some day.
	HACBS = "hacbs"
)

Possible formats the report can be written as.

Variables

View Source 
var OutputFormats = []string{
	JSON,
	YAML,
	Text,
	AppStudio,
	Summary,
	SummaryMarkdown,
	JUnit,
	Attestation,
	PolicyInput,
	VSA,
}

Functions

func GetVSAPredicateDigest added in v0.7.117 

func GetVSAPredicateDigest(fs afero.Fs, path string) (string, error)

GetVSAPredicateDigest calculates the sha256 digest of the given file path.

func OutputAppstudioReport 

func OutputAppstudioReport(t TestReport)

Types

type AttestationResult 

type AttestationResult struct {
	Type               string                      `json:"type,omitempty"`
	PredicateType      string                      `json:"predicateType,omitempty"`
	PredicateBuildType string                      `json:"predicateBuildType,omitempty"`
	Signatures         []signature.EntitySignature `json:"signatures,omitempty"`
	Statement          []byte                      `json:"-"`
}

func NewAttestationResult 

func NewAttestationResult(att attestation.Attestation) AttestationResult

type Component 

type Component struct {
	app.SnapshotComponent
	Violations   []evaluator.Result          `json:"violations,omitempty"`
	Warnings     []evaluator.Result          `json:"warnings,omitempty"`
	Successes    []evaluator.Result          `json:"successes,omitempty"`
	Success      bool                        `json:"success"`
	SuccessCount int                         `json:"-"`
	Signatures   []signature.EntitySignature `json:"signatures,omitempty"`
	Attestations []AttestationResult         `json:"attestations,omitempty"`
}

type ExpansionInfo added in v0.8.9 

type ExpansionInfo struct {
	// contains filtered or unexported fields
}

ExpansionInfo tracks the relationships between image indexes and their child manifests that are created when expanding multi-arch images.

func DetermineInputSpec 

func DetermineInputSpec(ctx context.Context, input Input) (*app.SnapshotSpec, *ExpansionInfo, error)

func NewExpansionInfo added in v0.8.9 

func NewExpansionInfo() *ExpansionInfo

NewExpansionInfo creates a new ExpansionInfo instance

func (*ExpansionInfo) AddChildToIndex added in v0.8.18 

func (e *ExpansionInfo) AddChildToIndex(index, child string)

AddChildToIndex safely adds a child to the index

func (*ExpansionInfo) GetChildrenByIndex added in v0.8.18 

func (e *ExpansionInfo) GetChildrenByIndex(index string) ([]string, bool)

GetChildrenByIndex safely gets children for an index Caller gets own slice to avoid race conditions Example: 

go func() {
    e.AddChildToIndex("index1", "child3") // holds lock while writing
}()

children, _ := e.GetChildrenByIndex("index1") // holds lock while reading children = append(children, "child4") // modifies underlying slice WITHOUT lock

func (*ExpansionInfo) GetIndexAlias added in v0.8.18 

func (e *ExpansionInfo) GetIndexAlias(key string) (string, bool)

GetIndexAlias safely gets an index alias

func (*ExpansionInfo) GetParentByChild added in v0.8.18 

func (e *ExpansionInfo) GetParentByChild(child string) (string, bool)

GetParentByChild safely gets the parent for a child

func (*ExpansionInfo) SetIndexAlias added in v0.8.18 

func (e *ExpansionInfo) SetIndexAlias(key, value string)

SetIndexAlias safely sets an index alias

func (*ExpansionInfo) SetParentByChild added in v0.8.18 

func (e *ExpansionInfo) SetParentByChild(child, parent string)

SetParentByChild safely sets the parent for a child

type Input 

type Input struct {
	File     string // Deprecated: replaced by images
	JSON     string // Deprecated: replaced by images
	Image    string
	Snapshot string
	Images   string
}

type Report 

type Report struct {
	Success bool `json:"success"`

	Snapshot      string                           `json:"snapshot,omitempty"`
	Components    []Component                      `json:"components"`
	Key           string                           `json:"key"`
	Policy        ecc.EnterpriseContractPolicySpec `json:"policy"`
	EcVersion     string                           `json:"ec-version"`
	Data          any                              `json:"-"`
	EffectiveTime time.Time                        `json:"effective-time"`
	PolicyInput   [][]byte                         `json:"-"`
	ShowSuccesses bool                             `json:"-"`
	ShowWarnings  bool                             `json:"-"`
	Expansion     *ExpansionInfo                   `json:"-"`
	// contains filtered or unexported fields
}

func NewReport 

func NewReport(snapshot string, components []Component, policy policy.Policy, policyInput [][]byte, showSuccesses bool, showWarnings bool, expansion *ExpansionInfo) (Report, error)

WriteReport returns a new instance of Report representing the state of components from the snapshot.

func (Report) WriteAll 

func (r Report) WriteAll(targets []string, p format.TargetParser) (allErrors error)

WriteAll writes the report to all the given targets.

type SLSAProvenance 

type SLSAProvenance interface {
	attestation.Attestation
	PredicateBuildType() string
}

type SnapshotVSAGenerator added in v0.7.117 

type SnapshotVSAGenerator struct {
	Report Report
}

func NewSnapshotVSAGenerator added in v0.7.117 

func NewSnapshotVSAGenerator(report Report) *SnapshotVSAGenerator

NewSnapshotVSAGenerator creates a new VSA predicate generator for application snapshots

func (*SnapshotVSAGenerator) GeneratePredicate added in v0.7.117 

func (s *SnapshotVSAGenerator) GeneratePredicate(ctx context.Context) (Report, error)

GeneratePredicate creates a VSA predicate for the entire application snapshot

type SnapshotVSAWriter added in v0.7.117 

type SnapshotVSAWriter struct {
	FS            afero.Fs    // defaults to afero.NewOsFs()
	TempDirPrefix string      // defaults to "snapshot-vsa-"
	FilePerm      os.FileMode // defaults to 0600
}

SnapshotVSAWriter handles writing application snapshot VSA predicates to files

func NewSnapshotVSAWriter added in v0.7.117 

func NewSnapshotVSAWriter() *SnapshotVSAWriter

NewSnapshotVSAWriter creates a new application snapshot VSA file writer

func (*SnapshotVSAWriter) WritePredicate added in v0.7.117 

func (s *SnapshotVSAWriter) WritePredicate(report Report) (string, error)

WritePredicate writes the Report as a VSA predicate to a file

type TestReport 

type TestReport struct {
	Timestamp string `json:"timestamp"`
	Namespace string `json:"namespace"`
	Successes int    `json:"successes"`
	Failures  int    `json:"failures"`
	Warnings  int    `json:"warnings"`
	Result    string `json:"result"`
	Note      string `json:"note,omitempty"`
}

TestReport represents the standardized TEST_OUTPUT format. The `Namespace` attribute is required for the appstudio results API. However, it is always an empty string from the cli as a way to indicate all namespaces were used.

func AppstudioReportForError 

func AppstudioReportForError(prefix string, err error) TestReport

func (*TestReport) DeriveNote 

func (r *TestReport) DeriveNote()

It's redundant and perhaps not very useful, but let's produce some kind of a human readable note. We could perhaps make this more sophisticated in future, e.g. by including an abbreviated list of failure or warning messages.

func (*TestReport) DeriveResult 

func (r *TestReport) DeriveResult(hasFailures bool)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.