docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
249 Commits 1 Branch 35 Tags
v0.4.1
Commit Graph

32 Commits

Author SHA1 Message Date
James Carnegie
4778d3de6a fix: tuf oci image parsing (#142) 
* fix: tuf oci image parsing
 2024-08-29 12:27:13 -05:00
James Carnegie
a4ac09e7da refactor! don't use ctx for policy evaluator (#140) 
* refactor! don't use ctx for policy evaluator
 2024-08-29 17:43:45 +01:00
mrjoelkamp
2acc30693f fix: remove mock tuf client output 2024-08-29 10:03:07 -05:00
mrjoelkamp
5db1b5c4c1 feat: add tuf resolver test 2024-08-28 17:08:46 -05:00
James Carnegie
9d39c5ae3d feat!: remove MockTUFClient (#135) 
* feat! remove MockTUFClient

*Breaking*
- use LocalPolicyDir and nil TUFClient instead

Other:
- add stateful Verifier
 2024-08-28 09:53:52 +01:00
Jonny Stoten
aed959f858 fix: use a client pointing at Docker's TUF by default (#104) 
`policy.Options` now contains the arguments to `tuf.Client`'s constructor rather than an actual Client. If these arguments are not provided, defaults pointing at Docker's TUF repo will be used. An actual TUF client can be passed in on the context (which is useful for testing). If this is not provided `attest.Verify` will create a TUF client using the options on `policy.Options`.

---------

Co-authored-by: Joel Kamp <joel.kamp@docker.com>
 2024-08-23 09:33:30 +01:00
mrjoelkamp
059ee8926c refactor: move fullURL only needed for DefaultFetcher 2024-08-14 15:27:02 -05:00
mrjoelkamp
cb47507650 chore: pr comments 2024-08-14 15:01:01 -05:00
mrjoelkamp
2bf7dec72e feat: add policy.downloadLocation 2024-08-14 12:52:36 -05:00
mrjoelkamp
d2a8348ae8 feat: generate vsa policy value from file 2024-08-14 10:57:15 -05:00
mrjoelkamp
5162cfa404 refactor: ensure tests are in correct pkg 2024-08-13 10:03:33 -05:00
mrjoelkamp
1febc55a19 fix: cyclical imports 2024-08-12 16:36:18 -05:00
James Carnegie
9582e69968 fix: standardize casing of initialisms (#112) 
* fix: standardize casing of initialisms
* fix: rename intoto -> inToto and Intoto to InToto
* fix: fix all linting errors
 2024-08-01 15:35:15 +01:00
Jonny Stoten
008c14e3f3 chore: reformat with gofumpt (#109) 
* Reformat with gofumpt

* Suppress issue about laxer perms than 0600

---------

Co-authored-by: Joel Kamp <joel.kamp@docker.com>
 2024-07-31 15:48:00 +01:00
James Carnegie
de5668aca2 chore: fix linting errors (#91) 2024-07-16 12:52:33 +01:00
mrjoelkamp
da310234a4 feat: export embedded root names 2024-07-11 09:55:00 -05:00
mrjoelkamp
0330ea4755 feat: add EmbeddedRoot type 2024-07-10 17:30:35 -05:00
mrjoelkamp
1754a98e4e fix: dont use keyword var 2024-07-10 16:35:48 -05:00
Joel Kamp
a05fc10d53 Update pkg/tuf/tuf_test.go 
Co-authored-by: David Dooling <141646279+whalelines@users.noreply.github.com>
 2024-07-10 16:19:58 -05:00
mrjoelkamp
e830271d01 feat: add test 2024-07-10 14:39:52 -05:00
mrjoelkamp
1cb3e4a281 feat: add production tuf root 2024-07-10 14:29:59 -05:00
mrjoelkamp
08e823e05b refactor: make common authn function 2024-06-18 12:00:47 -05:00
mrjoelkamp
f611f81fff feat: add support for ecr, gcp, acr authn 2024-06-18 09:59:04 -05:00
Jonny Stoten
6397dcede8 Check version of attest against constraints in TUF (#19) 
* Check version of attest against constraints in TUF

* Add link to semver lib constraints docs
 2024-05-22 17:02:25 +01:00
mrjoelkamp
eddb277d7e feat: add tuf download target tests 2024-05-15 16:22:35 -05:00
mrjoelkamp
33a1996b2b fix: no such directory error 2024-05-15 14:47:20 -05:00
Jonny Stoten
e3d02ab2e1 Simplify and rename hash functions 2024-05-08 13:09:25 +01:00
Joel Kamp
3aa738b246 Update pkg/tuf/example_registry_test.go 
Co-authored-by: David Dooling <141646279+whalelines@users.noreply.github.com>
 2024-05-02 15:57:11 -05:00
Joel Kamp
c99f90cbbf docs: update examples in README.md 2024-05-02 13:49:14 -05:00
mrjoelkamp
3701942bf1 docs: update examples in README.md 2024-05-02 13:35:57 -05:00
mrjoelkamp
a3422b5331 feat: add policy, oci, attestation 2024-04-22 12:38:56 -05:00
mrjoelkamp
c1035c951e feat: combine tuf code 2024-04-15 15:37:31 -05:00