docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
159 Commits 1 Branch 35 Tags
v0.1.8
Commit Graph

159 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
James Carnegie
10dab6ed25 Fix imports for e2e v0.1.8 2024-07-16 09:56:57 +01:00
James Carnegie
cd964d4287 Fix go.mod 2024-07-16 09:48:57 +01:00
James Carnegie
6e1ff664a3 Fix up after review 2024-07-16 09:44:11 +01:00
James Carnegie
728f1611e4 Add specific test for SaveReferrers 2024-07-16 09:44:10 +01:00
James Carnegie
d9a23a08a4 Fix double encoding. Remove annotations 2024-07-16 09:44:10 +01:00
James Carnegie
20f4403d44 Update naming. strictReferers != laxReferrers 2024-07-16 09:44:09 +01:00
James Carnegie
549c89e841 Add comment re: go-containerregistry fork 2024-07-16 09:44:09 +01:00
James Carnegie
5faf0801ee Remove AttestationImage field from AttestationManifest 2024-07-16 09:44:06 +01:00
James Carnegie
116c668183 Add mirror tests 2024-07-16 09:43:00 +01:00
James Carnegie
db98f597f2 Add tests for image/index saving 2024-07-16 09:42:59 +01:00
James Carnegie
34bc47fcec Add test for envelope detection 2024-07-16 09:42:59 +01:00
James Carnegie
9c822317aa Move mock to test package. Add artifacts test 2024-07-16 09:42:58 +01:00
James Carnegie
a605278749 Create single layer images for referrers attestations 2024-07-16 09:42:56 +01:00
James Carnegie
c3ece3f02d Single attestation when creating VSA 2024-07-16 09:40:48 +01:00
Jonny Stoten
a4c3bd07fe Add proper mirror support (#74) 
* Add rewrite support and fix existing tests

* Add unit tests for policy matching

* Compile regexes up front and store policies in map

* Add test for verify flow with mirror

* Rename ImageName -> ResolvedName

And only set it when necessary

* Rename Rewrite -> Replacement

but keep it as rewrite in the yaml
 2024-07-12 17:09:41 +01:00
dependabot[bot]
247448a765 feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#86) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.24 to 1.27.26.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.24...config/v1.27.26)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-12 10:38:33 +01:00
dependabot[bot]
64e7f1ccab feat(deps): bump github.com/testcontainers/testcontainers-go/modules/registry (#79) 
Bumps [github.com/testcontainers/testcontainers-go/modules/registry](https://github.com/testcontainers/testcontainers-go) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/testcontainers/testcontainers-go/releases)
- [Commits](https://github.com/testcontainers/testcontainers-go/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/testcontainers/testcontainers-go/modules/registry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-12 10:35:30 +01:00
dependabot[bot]
f3354d1251 feat(deps): bump github.com/google/go-containerregistry (#81) 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.2 to 0.20.0.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.2...v0.20.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-12 10:27:37 +01:00
dependabot[bot]
a36c43a173 feat(deps): bump google.golang.org/api from 0.187.0 to 0.188.0 (#83) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.187.0 to 0.188.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.187.0...v0.188.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-12 10:27:14 +01:00
Joel Kamp
7e9b48baf9 Merge pull request #87 from docker/chore-update-defaults-export-roots 
chore: update default urls and export roots
 2024-07-11 13:22:36 -05:00
mrjoelkamp
da310234a4 feat: export embedded root names 2024-07-11 09:55:00 -05:00
mrjoelkamp
d65be7be7c fix: use prod as default for mirroring 2024-07-11 09:41:04 -05:00
Joel Kamp
2e2bc49387 Merge pull request #85 from docker/refactor--use-embedded-root-types 
feat: add EmbeddedRoot type
v0.1.7 		2024-07-11 03:36:06 -05:00
mrjoelkamp
0330ea4755 feat: add EmbeddedRoot type 2024-07-10 17:30:35 -05:00
Joel Kamp
0336a21a7d Merge pull request #84 from docker/feat-add-prod-tuf-root 
feat: add production TUF root
 2024-07-10 16:39:44 -05:00
mrjoelkamp
1754a98e4e fix: dont use keyword var 2024-07-10 16:35:48 -05:00
Joel Kamp
a05fc10d53 Update pkg/tuf/tuf_test.go 
Co-authored-by: David Dooling <141646279+whalelines@users.noreply.github.com>
 2024-07-10 16:19:58 -05:00
mrjoelkamp
e830271d01 feat: add test 2024-07-10 14:39:52 -05:00
mrjoelkamp
1cb3e4a281 feat: add production tuf root 2024-07-10 14:29:59 -05:00
James Carnegie
6b199f027a Enable GCP integration test (#82) 2024-07-09 15:02:49 +01:00
dependabot[bot]
aaf043e9cd feat(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 (#76) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.185.0 to 0.187.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.185.0...v0.187.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-05 12:36:47 +01:00
Jonny Stoten
ac693a45c7 Don't upload coverage results if we don't run e2e (#77) 
this way the coverage doesn't fluctuate between e2e and non-e2e test
runs
 2024-07-05 12:28:47 +01:00
James Carnegie
0038e3d23d Unify functions for use in sign & verify --vsa (#71) 
* Use receivers for manifest functions
* Move SaveImage/SaveIndex from image-signing-verifier
* Ignore test fixtures in coverage
* Add AddImagesToIndex function
 2024-07-05 09:29:14 +01:00
James Carnegie
0dd63bf5a3 Add GCP KMS support (#73) 
* Add GCP KMS support
 2024-07-04 15:32:10 +01:00
dependabot[bot]
5d56efa2df feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#75) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.23 to 1.27.24.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.23...config/v1.27.24)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-04 09:41:32 +01:00
dependabot[bot]
3ffef89dda feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.5 to 1.8.6 (#67) 2024-07-03 19:56:29 +00:00
dependabot[bot]
3c26a89496 feat(deps): bump github.com/open-policy-agent/opa from 0.65.0 to 0.66.0 (#69) 2024-07-03 19:45:50 +00:00
dependabot[bot]
6ee1d32ddc feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#70) 2024-07-03 19:33:53 +00:00
Joel Kamp
3140e2d903 Merge pull request #72 from docker/dependabot/go_modules/github.com/containerd/containerd-1.7.19 
feat(deps): bump github.com/containerd/containerd from 1.7.18 to 1.7.19
 2024-07-03 14:28:01 -05:00
dependabot[bot]
dd1141c231 feat(deps): bump github.com/containerd/containerd from 1.7.18 to 1.7.19 
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.18 to 1.7.19.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.7.18...v1.7.19)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-03 08:39:19 +00:00
James Carnegie
bda1910107 Add e2e auth test (#68) 
* Add e2e auth test
 2024-07-01 14:14:23 +01:00
dependabot[bot]
80658a4b5f feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#65) v0.1.6 2024-06-26 16:43:41 +00:00
Joel Kamp
46db2b9fd5 Merge pull request #59 from docker/feat-cloud-provider-authn 
feat: cloud provider authn
 2024-06-26 09:28:03 -05:00
mrjoelkamp
e37f788865 refactor: drop ACR support for now 2024-06-25 13:44:29 -05:00
Joel Kamp
13172cb502 Merge branch 'main' into feat-cloud-provider-authn 2024-06-25 12:06:46 -05:00
mrjoelkamp
abb3163628 fix: update aws-sdk-go-v2 2024-06-25 11:49:58 -05:00
James Carnegie
742f98fbeb Generate coverage when tests are run (#64) 
* Generate coverage when tests are run
* Use docker's codecov account
 2024-06-24 14:26:07 +01:00
Joel Kamp
8cae188735 Merge branch 'main' into feat-cloud-provider-authn 2024-06-21 16:39:45 -05:00
Joel Kamp
7586f4dfc4 Merge pull request #61 from docker/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.21 
feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.19 to 1.27.21
 2024-06-21 16:35:01 -05:00
Joel Kamp
acb862ea42 Merge branch 'main' into dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.21 2024-06-21 16:32:11 -05:00