chains

package

v0.27.0 Latest Latest Go to latest Published: May 26, 2026 License: Apache-2.0 Imports: 31 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tektoncd/chains

Links

Documentation ¶

Index ¶

Constants
type ObjectSigner
- func (o *ObjectSigner) Sign(ctx context.Context, tektonObj objects.TektonObject) error
type Signer
type TaskRunVerifier
- func (tv *TaskRunVerifier) VerifyTaskRun(ctx context.Context, tr *v1.TaskRun) error
type Verifier

Constants ¶

View Source

const (
	RekorAnnotation = "chains.tekton.dev/transparency-upload"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ObjectSigner ¶ added in v0.13.0

type ObjectSigner struct {
	// Backends: store payload and signature
	// The keys are different storage option's name. {docdb, gcs, grafeas, oci, tekton}
	// The values are the actual storage backends that will be used to store and retrieve provenance.
	Backends          map[string]storage.Backend
	SecretPath        string
	Pipelineclientset versioned.Interface

	Recorder metrics.Recorder
}

func (*ObjectSigner) Sign ¶ added in v0.13.0

func (o *ObjectSigner) Sign(ctx context.Context, tektonObj objects.TektonObject) error

Sign TaskRun and PipelineRun objects, as well as generates attestations for each. Follows process of extract payload, sign payload, store payload and signature.

type Signer ¶

type Signer interface {
	Sign(ctx context.Context, obj objects.TektonObject) error
}

type TaskRunVerifier ¶ added in v0.6.0

type TaskRunVerifier struct {
	KubeClient        kubernetes.Interface
	Pipelineclientset versioned.Interface
	SecretPath        string
}

func (*TaskRunVerifier) VerifyTaskRun ¶ added in v0.6.0

func (tv *TaskRunVerifier) VerifyTaskRun(ctx context.Context, tr *v1.TaskRun) error

type Verifier ¶ added in v0.6.0

type Verifier interface {
	VerifyTaskRun(ctx context.Context, tr *v1.TaskRun) error
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
annotations
formats
all
simple
slsa/attest
slsa/extract
slsa/internal/artifact
slsa/internal/build_definition
slsa/internal/build_types
slsa/internal/compare
slsa/internal/external_parameters
slsa/internal/internal_parameters
slsa/internal/material
slsa/internal/metadata
slsa/internal/provenance
slsa/internal/resolved_dependencies
slsa/internal/results
slsa/internal/slsaconfig
slsa/v1
slsa/v1/internal/protos
slsa/v1/pipelinerun
slsa/v1/taskrun
slsa/v2alpha3
slsa/v2alpha3/internal/pipelinerun
slsa/v2alpha3/internal/taskrun
slsa/v2alpha4
slsa/v2alpha4/internal/pipelinerun
slsa/v2alpha4/internal/taskrun
objects
provenance
signing
kms Package kms creates a signer using a key management server	Package kms creates a signer using a key management server
x509
storage
api
archivista
docdb
gcs
grafeas
oci
pubsub
tekton

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL