Documentation
¶
Index ¶
- Constants
- type Capability
- type Command
- type DescribeKeyRequest
- type DescribeKeyResponse
- type ErrorCode
- type GenerateEnvelopeRequest
- type GenerateEnvelopeResponse
- type GenerateSignatureRequest
- type GenerateSignatureResponse
- type GetMetadataRequest
- type Metadata
- type Request
- type RequestError
- type Runner
Constants ¶
View Source
const ContractVersion = "1.0"
ContractVersion is the <major>.<minor> version of the plugin contract.
View Source
const Prefix = "notation-"
Prefix is the prefix required on all plugin binary names.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Capability ¶
type Capability string
Capability is a feature available in the plugin contract.
const ( // CapabilitySignatureGenerator is the name of the capability // which should support a plugin to support generating signatures. CapabilitySignatureGenerator Capability = "SIGNATURE_GENERATOR" // CapabilityEnvelopeGenerator is the name of the capability // which should support a plugin to support generating envelope signatures. CapabilityEnvelopeGenerator Capability = "SIGNATURE_ENVELOPE_GENERATOR" )
type Command ¶
type Command string
Command is a CLI command available in the plugin contract.
const ( // CommandGetMetadata is the name of the plugin command // which must be supported by every plugin and returns the // plugin metadata. CommandGetMetadata Command = "get-plugin-metadata" // CommandDescribeKey is the name of the plugin command // which must be supported by every plugin that has the // SIGNATURE_GENERATOR capability. CommandDescribeKey Command = "describe-key" // CommandGenerateSignature is the name of the plugin command // which must be supported by every plugin that has the // SIGNATURE_GENERATOR capability. CommandGenerateSignature Command = "generate-signature" // CommandGenerateEnvelope is the name of the plugin command // which must be supported by every plugin that has the // SIGNATURE_ENVELOPE_GENERATOR capability. CommandGenerateEnvelope Command = "generate-envelope" )
type DescribeKeyRequest ¶
type DescribeKeyRequest struct {
ContractVersion string `json:"contractVersion"`
KeyID string `json:"keyId"`
PluginConfig map[string]string `json:"pluginConfig,omitempty"`
}
DescribeKeyRequest contains the parameters passed in a describe-key request.
func (DescribeKeyRequest) Command ¶
func (DescribeKeyRequest) Command() Command
type DescribeKeyResponse ¶
type DescribeKeyResponse struct {
// The same key id as passed in the request.
KeyID string `json:"keyId"`
// One of following supported key types:
// https://github.com/notaryproject/notaryproject/blob/main/signature-specification.md#algorithm-selection
KeySpec notation.KeySpec `json:"keySpec"`
}
GenerateSignatureResponse is the response of a describe-key request.
type ErrorCode ¶
type ErrorCode string
const ( // Any of the required request fields was empty, // or a value was malformed/invalid. ErrorCodeValidation ErrorCode = "VALIDATION_ERROR" // The contract version used in the request is unsupported. ErrorCodeUnsupportedContractVersion ErrorCode = "UNSUPPORTED_CONTRACT_VERSION" // Authentication/authorization error to use given key. ErrorCodeAccessDenied ErrorCode = "ACCESS_DENIED" // The operation to generate signature timed out // and can be retried by Notation. ErrorCodeTimeout ErrorCode = "TIMEOUT" // The operation to generate signature was throttles // and can be retried by Notation. ErrorCodeThrottled ErrorCode = "THROTTLED" // Any general error that does not fall into any categories. ErrorCodeGeneric ErrorCode = "ERROR" )
type GenerateEnvelopeRequest ¶
type GenerateEnvelopeRequest struct {
ContractVersion string `json:"contractVersion"`
KeyID string `json:"keyId"`
PayloadType string `json:"payloadType"`
SignatureEnvelopeType string `json:"signatureEnvelopeType"`
Payload []byte `json:"payload"`
PluginConfig map[string]string `json:"pluginConfig,omitempty"`
}
GenerateEnvelopeRequest contains the parameters passed in a generate-envelope request.
func (GenerateEnvelopeRequest) Command ¶
func (GenerateEnvelopeRequest) Command() Command
type GenerateEnvelopeResponse ¶
type GenerateEnvelopeResponse struct {
SignatureEnvelope []byte `json:"signatureEnvelope"`
SignatureEnvelopeType string `json:"signatureEnvelopeType"`
Annotations map[string]string `json:"annotations,omitempty"`
}
GenerateSignatureResponse is the response of a generate-envelope request.
type GenerateSignatureRequest ¶
type GenerateSignatureRequest struct {
ContractVersion string `json:"contractVersion"`
KeyID string `json:"keyId"`
KeySpec notation.KeySpec `json:"keySpec"`
Hash notation.HashAlgorithm `json:"hashAlgorithm"`
Payload []byte `json:"payload"`
PluginConfig map[string]string `json:"pluginConfig,omitempty"`
}
GenerateSignatureRequest contains the parameters passed in a generate-signature request.
func (GenerateSignatureRequest) Command ¶
func (GenerateSignatureRequest) Command() Command
type GenerateSignatureResponse ¶
type GenerateSignatureResponse struct {
KeyID string `json:"keyId"`
Signature []byte `json:"signature"`
SigningAlgorithm notation.SignatureAlgorithm `json:"signingAlgorithm"`
// Ordered list of certificates starting with leaf certificate
// and ending with root certificate.
CertificateChain [][]byte `json:"certificateChain"`
}
GenerateSignatureResponse is the response of a generate-signature request.
type GetMetadataRequest ¶
type GetMetadataRequest struct{}
GetMetadataRequest contains the parameters passed in a get-plugin-metadata request.
func (GetMetadataRequest) Command ¶
func (GetMetadataRequest) Command() Command
type Metadata ¶
type Metadata struct {
Name string `json:"name"`
Description string `json:"description"`
Version string `json:"version"`
URL string `json:"url"`
SupportedContractVersions []string `json:"supportedContractVersions"`
Capabilities []Capability `json:"capabilities"`
}
Metadata provided by the plugin.
func (*Metadata) HasCapability ¶
func (m *Metadata) HasCapability(capability Capability) bool
HasCapability return true if the metadata states that the capability is supported. Returns true if capability is empty.
func (*Metadata) SupportsContract ¶
SupportsContract return true if the metadata states that the contract version is supported.
type Request ¶
type Request interface {
Command() Command
}
Request defines a plugin request, which is always associated to a command.
type RequestError ¶
RequestError is the common error response for any request.
func (RequestError) Error ¶
func (e RequestError) Error() string
func (RequestError) Is ¶
func (e RequestError) Is(target error) bool
func (RequestError) MarshalJSON ¶
func (e RequestError) MarshalJSON() ([]byte, error)
func (*RequestError) UnmarshalJSON ¶
func (e *RequestError) UnmarshalJSON(data []byte) error
func (RequestError) Unwrap ¶
func (e RequestError) Unwrap() error
type Runner ¶
type Runner interface {
// Run executes the specified command and waits for it to complete.
//
// When the returned object is not nil, its type is guaranteed to remain always the same for a given Command.
//
// The returned error is nil if:
// - the plugin exists
// - the command runs and exits with a zero exit status
// - the command stdout contains a valid json object which can be unmarshal-ed.
//
// If the command starts but does not complete successfully, the error is of type RequestError wrapping a *exec.ExitError.
// Other error types may be returned for other situations.
Run(ctx context.Context, req Request) (interface{}, error)
}
Runner is an interface for running commands against a plugin.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.