* Add rewrite support and fix existing tests
* Add unit tests for policy matching
* Compile regexes up front and store policies in map
* Add test for verify flow with mirror
* Rename ImageName -> ResolvedName
And only set it when necessary
* Rename Rewrite -> Replacement
but keep it as rewrite in the yaml
* Make TL logging/verification optional
* Return errors from go-lang fns
* Update pkg/policy/rego.go
Co-authored-by: Jonny Stoten <jonny@jonnystoten.com>
* Update pkg/attestation/sign.go
Co-authored-by: Joel Kamp <joel.kamp@docker.com>
* Move public key marshelling until later
* Simplify logSignature and pass down opts
---------
Co-authored-by: Jonny Stoten <jonny@jonnystoten.com>
Co-authored-by: Joel Kamp <joel.kamp@docker.com>
* Start of richer results from verification
* Pull out VSA code from signing
* Expose attestation signing fns
* Add VSA test
* Notes for policy result
* Require separate policy for VSA creation
* Load test signing key from tests
* Return rich object from policy
* Add result object schema and fix tests
* Ensure example test runs
* Remove data.yaml files from mock policies
* Don't run example - TUF policy isn't compatible
* Add attestation to manifests for all subjects
* Ensure adding attestation doesn't touch statements
* Don't export sign function
* Remove attestations from VerificationResult
* Change bool to Outcome enum in result
* Use outputLayout directly
* Make clearer that Outcome strings are for VSA
* Return multiple SLSA levels from policy
* Fix unmarshalling of policy-id (#39)
* Rename function
* Rename policy.VerificationResult -> policy.Result
* Re-add test for canonical input
---------
Co-authored-by: James Carnegie <james.carnegie@docker.com>
Co-authored-by: James Carnegie <kipz@users.noreply.github.com>
