docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
137 Commits 1 Branch 35 Tags
v0.1.7
Commit Graph

137 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joel Kamp
2e2bc49387 Merge pull request #85 from docker/refactor--use-embedded-root-types 
feat: add EmbeddedRoot type
v0.1.7 		2024-07-11 03:36:06 -05:00
mrjoelkamp
0330ea4755 feat: add EmbeddedRoot type 2024-07-10 17:30:35 -05:00
Joel Kamp
0336a21a7d Merge pull request #84 from docker/feat-add-prod-tuf-root 
feat: add production TUF root
 2024-07-10 16:39:44 -05:00
mrjoelkamp
1754a98e4e fix: dont use keyword var 2024-07-10 16:35:48 -05:00
Joel Kamp
a05fc10d53 Update pkg/tuf/tuf_test.go 
Co-authored-by: David Dooling <141646279+whalelines@users.noreply.github.com>
 2024-07-10 16:19:58 -05:00
mrjoelkamp
e830271d01 feat: add test 2024-07-10 14:39:52 -05:00
mrjoelkamp
1cb3e4a281 feat: add production tuf root 2024-07-10 14:29:59 -05:00
James Carnegie
6b199f027a Enable GCP integration test (#82) 2024-07-09 15:02:49 +01:00
dependabot[bot]
aaf043e9cd feat(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 (#76) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.185.0 to 0.187.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.185.0...v0.187.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-05 12:36:47 +01:00
Jonny Stoten
ac693a45c7 Don't upload coverage results if we don't run e2e (#77) 
this way the coverage doesn't fluctuate between e2e and non-e2e test
runs
 2024-07-05 12:28:47 +01:00
James Carnegie
0038e3d23d Unify functions for use in sign & verify --vsa (#71) 
* Use receivers for manifest functions
* Move SaveImage/SaveIndex from image-signing-verifier
* Ignore test fixtures in coverage
* Add AddImagesToIndex function
 2024-07-05 09:29:14 +01:00
James Carnegie
0dd63bf5a3 Add GCP KMS support (#73) 
* Add GCP KMS support
 2024-07-04 15:32:10 +01:00
dependabot[bot]
5d56efa2df feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#75) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.23 to 1.27.24.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.23...config/v1.27.24)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-04 09:41:32 +01:00
dependabot[bot]
3ffef89dda feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.5 to 1.8.6 (#67) 2024-07-03 19:56:29 +00:00
dependabot[bot]
3c26a89496 feat(deps): bump github.com/open-policy-agent/opa from 0.65.0 to 0.66.0 (#69) 2024-07-03 19:45:50 +00:00
dependabot[bot]
6ee1d32ddc feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#70) 2024-07-03 19:33:53 +00:00
Joel Kamp
3140e2d903 Merge pull request #72 from docker/dependabot/go_modules/github.com/containerd/containerd-1.7.19 
feat(deps): bump github.com/containerd/containerd from 1.7.18 to 1.7.19
 2024-07-03 14:28:01 -05:00
dependabot[bot]
dd1141c231 feat(deps): bump github.com/containerd/containerd from 1.7.18 to 1.7.19 
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.18 to 1.7.19.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.7.18...v1.7.19)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-03 08:39:19 +00:00
James Carnegie
bda1910107 Add e2e auth test (#68) 
* Add e2e auth test
 2024-07-01 14:14:23 +01:00
dependabot[bot]
80658a4b5f feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#65) v0.1.6 2024-06-26 16:43:41 +00:00
Joel Kamp
46db2b9fd5 Merge pull request #59 from docker/feat-cloud-provider-authn 
feat: cloud provider authn
 2024-06-26 09:28:03 -05:00
mrjoelkamp
e37f788865 refactor: drop ACR support for now 2024-06-25 13:44:29 -05:00
Joel Kamp
13172cb502 Merge branch 'main' into feat-cloud-provider-authn 2024-06-25 12:06:46 -05:00
mrjoelkamp
abb3163628 fix: update aws-sdk-go-v2 2024-06-25 11:49:58 -05:00
James Carnegie
742f98fbeb Generate coverage when tests are run (#64) 
* Generate coverage when tests are run
* Use docker's codecov account
 2024-06-24 14:26:07 +01:00
Joel Kamp
8cae188735 Merge branch 'main' into feat-cloud-provider-authn 2024-06-21 16:39:45 -05:00
Joel Kamp
7586f4dfc4 Merge pull request #61 from docker/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.21 
feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.19 to 1.27.21
 2024-06-21 16:35:01 -05:00
Joel Kamp
acb862ea42 Merge branch 'main' into dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.21 2024-06-21 16:32:11 -05:00
James Carnegie
357768d421 Various fixes (#63) 
* Fix digest resolution and attestation style

* Add a bunch more tests

* Rename fields for consistency

* Remove copy-pasta

* Value -> pointer
v0.1.5 		2024-06-21 22:12:42 +01:00
James Carnegie
6bd57e02b6 Add support for separate attestation storage repo (#62) 
* Add support for separate attestation storage repo
* Move mapping file types and parsing to config package
* Change signature of Verify to take image/platform
* Separate Attestation Resolvers to their own files (registry, layout and referrers)
* Add support configuring referrers resolution style in mapping.yaml
* Add registry test
 2024-06-21 11:29:16 +01:00
dependabot[bot]
92985e9a12 feat(deps): bump github.com/aws/aws-sdk-go-v2/config 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.19 to 1.27.21.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.19...config/v1.27.21)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-20 08:23:40 +00:00
mrjoelkamp
08e823e05b refactor: make common authn function 2024-06-18 12:00:47 -05:00
Joel Kamp
ff38975c76 Merge branch 'main' into feat-cloud-provider-authn 2024-06-18 10:09:04 -05:00
dependabot[bot]
86878482c3 feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#58) 2024-06-18 15:06:00 +00:00
mrjoelkamp
f95760d8b2 chore: fmt go.mod 2024-06-18 10:04:38 -05:00
mrjoelkamp
f611f81fff feat: add support for ecr, gcp, acr authn 2024-06-18 09:59:04 -05:00
mrjoelkamp
8e3c6a2ec5 feat: use os.ModePerm 2024-06-18 09:39:12 -05:00
mrjoelkamp
a3921c206a fix: ineffectual assign 2024-06-18 09:38:50 -05:00
James Carnegie
130e1f640b Support referrers using digest, not just tag (#55) 
* Support referrers using digest, not just tag

* ParseRef and switch on type

* Call DigestStr instead of String
 2024-06-17 17:30:12 +01:00
Jonny Stoten
0d0d86854c Return policy input with verification result (#56) 2024-06-17 17:28:22 +01:00
Jonny Stoten
1d9e14b99f Avoid pointers to map (#57) 2024-06-17 17:24:29 +01:00
dependabot[bot]
83c7d7634a feat(deps): bump github.com/google/go-containerregistry (#54) 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-17 11:03:08 +01:00
Joel Kamp
5c07bd70d9 Merge pull request #53 from docker/fix-default-mkdir-perms 
fix: mkdir perms
 2024-06-14 15:42:23 -05:00
mrjoelkamp
c02e628600 fix: mkdir perms 2024-06-14 15:23:25 -05:00
Joel Kamp
3d46780a1c Merge pull request #52 from docker/refactor-use-interface-value 
refactor: use interface value
 2024-06-14 11:58:45 -05:00
mrjoelkamp
83dfd746b9 fix: update output dir permissions 2024-06-14 11:11:48 -05:00
mrjoelkamp
845fe93c11 refactor: remove any; split into functions 2024-06-14 10:04:18 -05:00
mrjoelkamp
c154613c52 refactor: use interface value 2024-06-14 10:03:39 -05:00
James Carnegie
e44390d2bc Don't use pointers for image interfaces (#51) 
* Don't use pointers for image interfaces

* Also for oci layout

* Remove default case
 2024-06-14 10:28:14 +01:00
James Carnegie
8ba9656645 Add support for OCI Referrers and fallback (#50) 
* Add support for OCI Referrers and fallback
 2024-06-13 16:10:41 +01:00