slsa

package
v1.9.1 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 20, 2024 | License: Apache-2.0 | Imports: 11 | Imported by: 1

Documentation


Constants

const (
	// GithubHostedActionsBuilderID is a default builder ID for GitHub hosted actions.
	GithubHostedActionsBuilderID = "https://github.com/Attestations/GitHubHostedActions@v1"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type BuildType added in v1.0.0

type BuildType interface {
	// URI returns the build type's URI.
	URI() string

	// Subject returns a set of artifacts created by the build.
	Subject(context.Context) ([]intoto.Subject, error)

	// BuildConfig returns the buildConfig for this build type.
	BuildConfig(context.Context) (interface{}, error)

	// Invocation returns an invocation for this build type.
	Invocation(context.Context) (slsa02.ProvenanceInvocation, error)

	// Materials returns materials as defined by this build type.
	Materials(context.Context) ([]slsacommon.ProvenanceMaterial, error)

	// Metadata returns metadata about the build.
	Metadata(context.Context) (*slsa02.ProvenanceMetadata, error)
}

BuildType implements generation of buildType specific elements of SLSA provenance. Each BuildType instance represents a specific build.

type ClientProvider added in v1.0.0

type ClientProvider interface {
	OIDCClient() (*github.OIDCClient, error)
	GithubClient(context.Context) (*githubapi.Client, error)
}

ClientProvider creates GitHub API clients.

type DefaultClientProvider added in v1.0.0

type DefaultClientProvider struct {
	// contains filtered or unexported fields
}

DefaultClientProvider provides a default set of clients based on the GitHub Actions environment.

func (*DefaultClientProvider) GithubClient added in v1.0.0

func (p *DefaultClientProvider) GithubClient(ctx context.Context) (*githubapi.Client, error)

GithubClient returns a GitHub API client authenticated with the token provided in the github context.

func (*DefaultClientProvider) OIDCClient added in v1.0.0

func (p *DefaultClientProvider) OIDCClient() (*github.OIDCClient, error)

OIDCClient returns a default OIDC client.

type GithubActionsBuild added in v1.0.0

type GithubActionsBuild struct {
	Context github.WorkflowContext
	Clients ClientProvider
	// contains filtered or unexported fields
}

GithubActionsBuild is a basic build type for builders running in GitHub Actions.

func NewGithubActionsBuild added in v1.0.0

func NewGithubActionsBuild(s []intoto.Subject, c *github.WorkflowContext) *GithubActionsBuild

NewGithubActionsBuild returns a new GithubActionsBuild that uses the GitHub context to generate information.

func (*GithubActionsBuild) BuildConfig added in v1.0.0

func (b *GithubActionsBuild) BuildConfig(context.Context) (interface{}, error)

BuildConfig implements BuildType.BuildConfig.

func (*GithubActionsBuild) Invocation added in v1.0.0

Invocation implements BuildType.Invocation. An invocation is returned that describes the workflow run. TODO: Document the basic invocation format.

func (*GithubActionsBuild) Materials added in v1.0.0

Materials implements BuildType.Materials. It returns a list of materials that includes the repository that triggered the GitHub Actions workflow.

func (*GithubActionsBuild) Metadata added in v1.0.0

Metadata implements BuildType.Metadata. It specifies that parameters are complete.

func (*GithubActionsBuild) Subject added in v1.0.0

Subject implements BuildType.Subject.

func (*GithubActionsBuild) WithClients added in v1.0.0

WithClients overrides the build type's default client provider. This is useful for tests where APIs are not available.

type HostedActionsGenerator added in v1.0.0

type HostedActionsGenerator struct {
	// contains filtered or unexported fields
}

HostedActionsGenerator is a SLSA provenance generator for GitHub Hosted Actions. Provenance is generated based on a "build type", which defines the format for many of the fields in the provenance metadata. Builders for different ecosystems (languages etc.) can implement a build type from scratch or by extending GithubActionsBuild.

func NewHostedActionsGenerator added in v1.0.0

func NewHostedActionsGenerator(bt BuildType) *HostedActionsGenerator

NewHostedActionsGenerator returns a SLSA provenance generator for the given build type.

func (*HostedActionsGenerator) Generate added in v1.0.0

Generate generates an in-toto provenance statement in SLSA v0.2 format.
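A consumer-side check of a statement in the SLSA v0.2 format that Generate produces, as an added example that is not part of this package: it rejects provenance whose builder.id differs from GithubHostedActionsBuilderID or whose subject digests do not cover the artifact. VerifyProvenance, sampleStatement and the sample JSON are constructed for illustration, and the check assumes the signed envelope around the statement has already been verified elsewhere.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// expectedBuilderID mirrors GithubHostedActionsBuilderID from this package.
const expectedBuilderID = "https://github.com/Attestations/GitHubHostedActions@v1"

// statement holds only the in-toto / SLSA v0.2 fields this check reads.
type statement struct {
	PredicateType string `json:"predicateType"`
	Subject       []struct{ Digest map[string]string `json:"digest"` } `json:"subject"`
	Predicate     struct {
		Builder struct{ ID string `json:"id"` } `json:"builder"`
	} `json:"predicate"`
}

// VerifyProvenance returns nil only for v0.2 provenance from the expected builder that lists artifact.
func VerifyProvenance(raw, artifact []byte) error {
	var s statement
	if err := json.Unmarshal(raw, &s); err != nil {
		return fmt.Errorf("parse statement: %w", err)
	}
	if s.PredicateType != "https://slsa.dev/provenance/v0.2" {
		return fmt.Errorf("unexpected predicateType %q", s.PredicateType)
	}
	if s.Predicate.Builder.ID != expectedBuilderID {
		return fmt.Errorf("untrusted builder.id %q", s.Predicate.Builder.ID)
	}
	want := fmt.Sprintf("%x", sha256.Sum256(artifact))
	for _, sub := range s.Subject {
		if sub.Digest["sha256"] == want {
			return nil
		}
	}
	return fmt.Errorf("artifact digest %s not listed in subject", want)
}

// sampleStatement returns a constructed (not real) statement naming artifact.
func sampleStatement(artifact []byte, builderID string) []byte {
	return []byte(fmt.Sprintf(`{"_type":"https://in-toto.io/Statement/v0.1","predicateType":"https://slsa.dev/provenance/v0.2",
"predicate":{"builder":{"id":%q}},"subject":[{"name":"app.tar.gz","digest":{"sha256":"%x"}}]}`, builderID, sha256.Sum256(artifact)))
}

func main() {
	art := []byte("constructed artifact bytes")
	fmt.Println(VerifyProvenance(sampleStatement(art, expectedBuilderID), art))
}
```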

func (*HostedActionsGenerator) WithClients added in v1.0.0

WithClients overrides the default ClientProvider. Useful for tests where clients are not available.

type NilClientProvider added in v1.0.0

type NilClientProvider struct{}

NilClientProvider does not provide clients. It is useful for testing where APIs are not available.

func (*NilClientProvider) GithubClient added in v1.0.0

func (p *NilClientProvider) GithubClient(context.Context) (*githubapi.Client, error)

GithubClient returns nil for the client.

func (*NilClientProvider) OIDCClient added in v1.0.0

func (p *NilClientProvider) OIDCClient() (*github.OIDCClient, error)

OIDCClient returns nil for the client.

type WorkflowParameters

type WorkflowParameters struct {
	// EventInputs is the inputs for the event that triggered the workflow.
	EventInputs interface{} `json:"event_inputs,omitempty"`
}

WorkflowParameters contains parameters given to the workflow invocation.
