docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
228 Commits 1 Branch 35 Tags
v0.3.1
Commit Graph

116 Commits

Author SHA1 Message Date
mrjoelkamp
52499053d2 feat: add no policy file error 2024-08-14 16:25:41 -05:00
mrjoelkamp
5f17f97229 test: change test to use yaml file instead 2024-08-14 16:13:36 -05:00
mrjoelkamp
8d8f09661f test: add mapping no rego test 2024-08-14 16:10:54 -05:00
mrjoelkamp
059ee8926c refactor: move fullURL only needed for DefaultFetcher 2024-08-14 15:27:02 -05:00
mrjoelkamp
cb47507650 chore: pr comments 2024-08-14 15:01:01 -05:00
mrjoelkamp
2bf7dec72e feat: add policy.downloadLocation 2024-08-14 12:52:36 -05:00
mrjoelkamp
d2a8348ae8 feat: generate vsa policy value from file 2024-08-14 10:57:15 -05:00
mrjoelkamp
5162cfa404 refactor: ensure tests are in correct pkg 2024-08-13 10:03:33 -05:00
mrjoelkamp
72f6517b2c refactor: move empty config image test 2024-08-13 08:26:36 -05:00
mrjoelkamp
84cadeb97e feat: output comments 2024-08-13 08:13:27 -05:00
mrjoelkamp
57a61cc266 fix: e2e auth test 2024-08-12 16:54:44 -05:00
mrjoelkamp
5a772633b0 feat: use EmptyConfigImage for mirror 2024-08-12 16:43:42 -05:00
mrjoelkamp
1febc55a19 fix: cyclical imports 2024-08-12 16:36:18 -05:00
mrjoelkamp
0db96d56aa fix: err check not needed 2024-08-12 14:20:24 -05:00
mrjoelkamp
d291912208 refactor!: move oci output from mirror to oci pkg 
BREAKING_CHANGE: output methods to save and push images are now part of the oci pkg
 2024-08-08 14:23:46 -05:00
mrjoelkamp
9cad88a687 fix: EmptyConfigImage digest 2024-08-08 13:06:56 -05:00
mrjoelkamp
45927967c8 test: debug push 2024-08-08 10:04:41 -05:00
mrjoelkamp
9aa56e564d feat: push attestation artifacts by digest 2024-08-07 15:19:48 -05:00
mrjoelkamp
0133423f0d feat: add nil pointer test 2024-08-05 16:50:40 -05:00
mrjoelkamp
501b9b442d feat: add CreateAttestationResolver tests 2024-08-05 16:31:39 -05:00
mrjoelkamp
c7d17faf05 fix: layout attestation resolver 2024-08-05 15:32:24 -05:00
mrjoelkamp
58021646e3 feat: add oci layout test 2024-08-05 11:24:28 -05:00
mrjoelkamp
3e7a85e9b8 fix: nil pointer dereference 2024-08-05 11:24:05 -05:00
mrjoelkamp
bb7a9a257e chore: remove duplicate code 2024-08-05 11:23:32 -05:00
mrjoelkamp
c690d1090c chore: use prefix const 2024-08-05 11:22:49 -05:00
mrjoelkamp
1d1c258f9c fix: referrers resolver only works for registry resolvers 2024-08-05 10:20:40 -05:00
mrjoelkamp
5d096e226f refactor: fix import cycle for mock resolver 2024-08-05 10:19:50 -05:00
mrjoelkamp
78ec0b7666 fix: use referrers repo img spec and resolver 2024-08-01 15:24:35 -05:00
Joel Kamp
053f764b8f Merge branch 'main' into fix-oci-layout-referrers 2024-08-01 13:48:53 -05:00
mrjoelkamp
ad3b8b9e49 fix: let OCI layouts use referrers attestations 2024-08-01 13:41:49 -05:00
James Carnegie
9582e69968 fix: standardize casing of initialisms (#112) 
* fix: standardize casing of initialisms
* fix: rename intoto -> inToto and Intoto to InToto
* fix: fix all linting errors
 2024-08-01 15:35:15 +01:00
Jonny Stoten
008c14e3f3 chore: reformat with gofumpt (#109) 
* Reformat with gofumpt

* Suppress issue about laxer perms than 0600

---------

Co-authored-by: Joel Kamp <joel.kamp@docker.com>
 2024-07-31 15:48:00 +01:00
James Carnegie
9571f17476 fix: add auth to referrers image retrieval (#108) 2024-07-31 14:31:29 +01:00
Jonny Stoten
91fdf7ece6 Remove dependency on github.com/pkg/errors (#106) 2024-07-30 14:07:19 +01:00
James Carnegie
a1c7bbb991 debt: remove goyaml. Fixup directives (#103) 2024-07-29 17:21:15 +01:00
Jonny Stoten
2ffdfdf0eb docs: first cut of a new README (#99) 
Lots of this is taken from image-signer-verifier's README. The stuff on
policy is all new.

Co-authored-by: James Carnegie <kipz@users.noreply.github.com>
 2024-07-29 16:43:31 +01:00
mrjoelkamp
1e3c120272 fix: test targets file no ext 2024-07-22 16:03:23 -05:00
James Carnegie
efb73f4cae Use DSSE artifactType in referrers (#95) 
* bug: Use DSSE media types for artifactType

* Don't serialize DSSE extension if not present

* Update pkg/attestation/types.go

Co-authored-by: Joel Kamp <joel.kamp@docker.com>

* Don't error on no referrers

---------

Co-authored-by: Joel Kamp <joel.kamp@docker.com>
 2024-07-22 18:17:12 +01:00
James Carnegie
5e68d94ad4 set artifactType correctly for referrers fallback (#94) 
* set artifactType correctly for referrers fallback
 2024-07-19 16:39:35 +01:00
James Carnegie
de5668aca2 chore: fix linting errors (#91) 2024-07-16 12:52:33 +01:00
James Carnegie
065b354d3c Make referrers attestations OCI compliant (#80) 
* Single attestation when creating VSA

* Create single layer images for referrers attestations

* Move mock to test package. Add artifacts test

* Add test for envelope detection

* Add tests for image/index saving

* Add mirror tests

* Remove AttestationImage field from AttestationManifest

* Update naming. strictReferers != laxReferrers

* Add specific test for SaveReferrers
 2024-07-16 10:05:17 +01:00
Jonny Stoten
a4c3bd07fe Add proper mirror support (#74) 
* Add rewrite support and fix existing tests

* Add unit tests for policy matching

* Compile regexes up front and store policies in map

* Add test for verify flow with mirror

* Rename ImageName -> ResolvedName

And only set it when necessary

* Rename Rewrite -> Replacement

but keep it as rewrite in the yaml
 2024-07-12 17:09:41 +01:00
mrjoelkamp
da310234a4 feat: export embedded root names 2024-07-11 09:55:00 -05:00
mrjoelkamp
d65be7be7c fix: use prod as default for mirroring 2024-07-11 09:41:04 -05:00
mrjoelkamp
0330ea4755 feat: add EmbeddedRoot type 2024-07-10 17:30:35 -05:00
mrjoelkamp
1754a98e4e fix: dont use keyword var 2024-07-10 16:35:48 -05:00
Joel Kamp
a05fc10d53 Update pkg/tuf/tuf_test.go 
Co-authored-by: David Dooling <141646279+whalelines@users.noreply.github.com>
 2024-07-10 16:19:58 -05:00
mrjoelkamp
e830271d01 feat: add test 2024-07-10 14:39:52 -05:00
mrjoelkamp
1cb3e4a281 feat: add production tuf root 2024-07-10 14:29:59 -05:00
James Carnegie
6b199f027a Enable GCP integration test (#82) 2024-07-09 15:02:49 +01:00