Documentation
¶
Index ¶
Constants ¶
const ( StatusPass = "PASS" StatusFail = "FAIL" StatusWarn = "WARN" StatusSkip = "SKIP" )
Status constants for verification checks.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Attestation ¶
Attestation holds the GPG signature of the report.
type CheckResult ¶
type CheckResult struct {
Name string `json:"name"`
Status string `json:"status"`
Details string `json:"details"`
}
CheckResult holds the result of a single verification check.
func VerifyBundle ¶
func VerifyBundle(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*CheckResult, error)
VerifyBundle creates git bundles from both source and target, verifies they are valid, and compares the refs they contain. Raw checksums are not compared because git bundles are non-deterministic (packfile compression/ordering varies between clones).
func VerifyObjects ¶
func VerifyObjects(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*CheckResult, error)
VerifyObjects compares all git object hashes between source and target repos.
func VerifyObjectsSince ¶
func VerifyObjectsSince(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken, since string, opts Options) (*CheckResult, error)
VerifyObjectsSince compares objects created after a given SHA or date.
func VerifyRefs ¶
func VerifyRefs(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*CheckResult, error)
VerifyRefs compares all branches and tags between source and target.
func VerifySignatures ¶
func VerifySignatures(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*CheckResult, error)
VerifySignatures checks that GPG/SSH commit signatures are preserved after copy.
func VerifyTrees ¶
func VerifyTrees(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*CheckResult, error)
VerifyTrees compares root tree hashes for each branch between source and target.
type Options ¶
type Options struct {
QuickMode bool
CodeOnly bool // skip tag-dependent checks (ref comparison, bundle)
Verbose bool
ExcludedRefs []string // full ref names (e.g. "refs/heads/main") to exclude from comparison
}
Options controls which verification checks to run.
type RefResult ¶
type RefResult struct {
Name string `json:"name"`
Type string `json:"type"` // "branch" or "tag"
SourceSHA string `json:"source_sha"`
TargetSHA string `json:"target_sha"`
Match bool `json:"match"`
}
RefResult holds comparison results for a single ref.
type SignatureResult ¶
type SignatureResult struct {
CommitSHA string `json:"commit_sha"`
InSource bool `json:"in_source"`
InTarget bool `json:"in_target"`
Match bool `json:"match"`
}
SignatureResult holds the verification result for a signed commit.
type VerificationReport ¶
type VerificationReport struct {
SourceRepo string `json:"source_repo"`
TargetRepo string `json:"target_repo"`
SourceHost string `json:"source_host"`
TargetHost string `json:"target_host"`
Timestamp time.Time `json:"timestamp"`
Checks []CheckResult `json:"checks"`
Attestation *Attestation `json:"attestation,omitempty"`
}
VerificationReport holds all verification results.
func RunAll ¶
func RunAll(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken string, opts Options) (*VerificationReport, error)
RunAll executes all verification checks and returns a consolidated report.
func RunIncremental ¶
func RunIncremental(srcHost, srcOwner, srcName, tgtHost, tgtOrg, tgtName, srcToken, tgtToken, since string, opts Options) (*VerificationReport, error)
RunIncremental runs verification only on objects newer than the given reference.
func (*VerificationReport) AllPassed ¶
func (r *VerificationReport) AllPassed() bool
AllPassed returns true if all checks passed (PASS or WARN).
Source Files