Documentation
¶
Index ¶
Constants ¶
View Source
const (
// GithubHostedActionsBuilderID is the builder ID for Github hosted actions.
GithubHostedActionsBuilderID = "https://github.com/Attestations/GitHubHostedActions@v1"
)
Variables ¶
This section is empty.
Functions ¶
func HostedActionsProvenance ¶
func HostedActionsProvenance(ctx context.Context, w WorkflowRun, c *github.OIDCClient) (*intoto.ProvenanceStatement, error)
HostedActionsProvenance generates an in-toto provenance statement in the SLSA v0.2 format for a workflow run on a Github actions hosted runner.
Types ¶
type WorkflowParameters ¶
type WorkflowParameters struct {
// EventInputs is the inputs for the event that triggered the workflow.
EventInputs interface{} `json:"event_inputs,omitempty"`
}
WorkflowParameters contains parameters given to the workflow invocation.
type WorkflowRun ¶
type WorkflowRun struct {
// Subjects is information about the generated artifacts.
Subjects []intoto.Subject
// BuildType indicates the type of build that was done. More importantly it
// also specifies the format of the BuildConfig.
BuildType string
// BuildConfig is metadata about the build.
BuildConfig interface{}
// Invocation is the provenance invocation.
Invocation slsa.ProvenanceInvocation
// Materials is the materials used in the build run.
Materials []slsa.ProvenanceMaterial
// Completeness holds info on the completeness of
// provenance data.
Completeness slsa.ProvenanceComplete
// GithubContext is the context for the workflow run.
GithubContext github.WorkflowContext
// contains filtered or unexported fields
}
WorkflowRun contains information about the build run including the builder, build invocation, materials, and environment.
func NewWorkflowRun ¶
func NewWorkflowRun(s []intoto.Subject, c github.WorkflowContext) WorkflowRun
NewWorkflowRun returns a generic WorkflowRun based on the github context without special knowledge of the build.
Source Files
Click to show internal directories.
Click to hide internal directories.