diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml
index e278fcc..7545b68 100644
--- a/.github/workflows/workflow.yaml
+++ b/.github/workflows/workflow.yaml
@@ -107,7 +107,7 @@ jobs:
 --create-namespace \
 --debug
- - name: Build and install attest-external-data-provider
+ - name: Build and install attest-provider
 run: |
 ./scripts/generate-tls-cert.sh
 export GITHUB_TOKEN=${{ steps.app-token.outputs.token }}
diff --git a/Dockerfile b/Dockerfile
index 797d2b2..72c40a7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,7 @@ ARG LDFLAGS
 ENV GO111MODULE=on \
 CGO_ENABLED=0
-WORKDIR /go/src/github.com/docker/attest-external-data-provider
+WORKDIR /app
 COPY . .
@@ -29,11 +29,9 @@ RUN --mount=type=cache,target=$GOPATH/pkg/mod --mount=type=cache,target=/root/.c
 FROM ${BASEIMAGE}
-COPY --from=builder /go/src/github.com/docker/attest-external-data-provider/bin/attest /
+COPY --from=builder /app/bin/attest /
-COPY --from=builder --chown=65532:65532 /go/src/github.com/docker/attest-external-data-provider/certs/tls.crt \
- /go/src/github.com/docker/attest-external-data-provider/certs/tls.key \
- /certs/
+COPY --from=builder --chown=65532:65532 /app/certs/tls.crt /app/certs/tls.key /certs/
 USER 65532:65532
diff --git a/Makefile b/Makefile
index 672e78e..5523a2c 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-REPOSITORY ?= docker/attest-external-data-provider
+REPOSITORY ?= docker/attest-provider
 IMG := $(REPOSITORY):dev
 # When updating this, make sure to update the corresponding action in
diff --git a/README.md b/README.md
index 2a6cba6..f8374dc 100644
--- a/README.md
+++ b/README.md
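Review bot: In the second Dockerfile hunk the rewritten `COPY --from=builder --chown=65532:65532 /app/certs/tls.crt /app/certs/tls.key /certs/` still bakes the TLS private key into a layer of the final image, so anyone who can pull the image can read the key. The workflow hunk shows `./scripts/generate-tls-cert.sh` running in the same step that builds the image, which suggests the key is generated at build time and then shipped inside `docker/attest-provider:dev`. Since these paths are being rewritten anyway, consider dropping `tls.key` from this COPY and mounting the certificate and key at `/certs` from a Kubernetes Secret at deploy time. How the chart's `tls` values are wired to the pod is not visible in this diff, so confirm that before changing the image.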
@@ -38,8 +38,8 @@ helm install gatekeeper/gatekeeper \
 3. Build and deploy the external data provider.
 ```bash
-git clone https://github.com/docker/attest-external-data-provider.git
-cd attest-external-data-provider
+git clone https://github.com/docker/attest-provider.git
+cd attest-provider
 # if you are not planning to establish mTLS between the provider and Gatekeeper,
 # deploy the provider to a separate namespace. Otherwise, do not run the following command
diff --git a/charts/external-data-provider/templates/external-data-provider-deployment.yaml b/charts/external-data-provider/templates/external-data-provider-deployment.yaml
index f521ec3..d0d9a65 100644
--- a/charts/external-data-provider/templates/external-data-provider-deployment.yaml
+++ b/charts/external-data-provider/templates/external-data-provider-deployment.yaml
@@ -14,7 +14,7 @@ spec:
 run: attest-provider
 spec:
 containers:
- - image: docker/attest-external-data-provider:dev
+ - image: docker/attest-provider:dev
 imagePullPolicy: IfNotPresent
 name: attest-provider
 securityContext:
diff --git a/charts/external-data-provider/values.yaml b/charts/external-data-provider/values.yaml
index 6abe884..4d28e1f 100644
--- a/charts/external-data-provider/values.yaml
+++ b/charts/external-data-provider/values.yaml
@@ -7,6 +7,9 @@ port: 8090
 # tufMetadataSource: https://docker.github.io/tuf-dev/metadata
 # tufTargetsSource: https://docker.github.io/tuf-dev/targets
+tufMetadataSource: https://docker.github.io/tuf-staging/metadata
+tufTargetsSource: https://docker.github.io/tuf-staging/targets
+
 provider:
 timeout: 30
 tls:
diff --git a/go.mod b/go.mod
index c448134..c27a323 100644
--- a/go.mod
+++ b/go.mod
@@ -1,4 +1,4 @@
-module github.com/open-policy-agent/gatekeeper-external-data-provider
+module github.com/docker/attest-provider
 go 1.22.1
diff --git a/main.go b/main.go
index 22d4484..d35f7cb 100644
--- a/main.go
+++ b/main.go
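Review bot: The charts/external-data-provider/values.yaml hunk makes `https://docker.github.io/tuf-staging/metadata` and `.../tuf-staging/targets` live chart defaults, which changes the TUF root of trust inside a commit that is otherwise a rename. Anyone installing the chart without overriding `tufMetadataSource` and `tufTargetsSource` would have attestation policy resolved from the staging repository; whether the provider falls back to a production source when these keys are unset is not visible here. I would keep both keys commented out like the tuf-dev pair above them, or at least add a comment such as `# staging TUF repository, for development only; override both values for production installs`. The change also deserves its own commit so the trust-source switch shows up in history.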
@@ -10,8 +10,8 @@ import (
 "path/filepath"
 "time"
- "github.com/open-policy-agent/gatekeeper-external-data-provider/pkg/handler"
- "github.com/open-policy-agent/gatekeeper-external-data-provider/pkg/utils"
+ "github.com/docker/attest-provider/pkg/handler"
+ "github.com/docker/attest-provider/pkg/utils"
 "k8s.io/klog/v2"
 )
diff --git a/pkg/handler/mutate.go b/pkg/handler/mutate.go
index cfdcaa0..18cb3a5 100644
--- a/pkg/handler/mutate.go
+++ b/pkg/handler/mutate.go
@@ -7,11 +7,11 @@ import (
 "net/http"
 "runtime/debug"
+ "github.com/docker/attest-provider/pkg/utils"
 "github.com/docker/attest/pkg/oci"
 "github.com/google/go-containerregistry/pkg/name"
 "github.com/google/go-containerregistry/pkg/v1/remote"
 "github.com/open-policy-agent/frameworks/constraint/pkg/externaldata"
- "github.com/open-policy-agent/gatekeeper-external-data-provider/pkg/utils"
 "k8s.io/klog/v2"
 )
diff --git a/pkg/handler/validate.go b/pkg/handler/validate.go
index d6ef15a..2f653d9 100644
--- a/pkg/handler/validate.go
+++ b/pkg/handler/validate.go
@@ -7,14 +7,14 @@ import (
 "net/http"
 "runtime/debug"
+ "github.com/docker/attest-provider/internal/embed"
+ "github.com/docker/attest-provider/pkg/utils"
 "github.com/docker/attest/pkg/attest"
 "github.com/docker/attest/pkg/oci"
 "github.com/docker/attest/pkg/policy"
 "github.com/docker/attest/pkg/tuf"
 intoto "github.com/in-toto/in-toto-golang/in_toto"
 "github.com/open-policy-agent/frameworks/constraint/pkg/externaldata"
- "github.com/open-policy-agent/gatekeeper-external-data-provider/internal/embed"
- "github.com/open-policy-agent/gatekeeper-external-data-provider/pkg/utils"
 "k8s.io/klog/v2"
 )