docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
304 Commits 1 Branch 35 Tags
v0.6.4
Commit Graph

10 Commits

Author SHA1 Message Date
James Carnegie
c0510fb76c Support images as well as indexes in ImageDetailResolvers (#183) 
* build: Generate test data for unsigned and no provenance image indexes
* feat: Add function to build index without SBOM or provenance for linux/amd64 platform
* feat: add build_image function to build image without SBOM or provenance for linux/amd64
* feat: Rename NO_SBOM_NO_PROVENANCE_INDEX_DIR to UNSIGNED_IMAGE_DIR
* feat: support images in details resolvers
 2024-09-30 20:53:13 +01:00
Jonny Stoten
4ca962b70c Add function for parsing DOI definition files (#172) 
Add a Rego builtin called `attest.internals.parse_library_definition`
for parsing the DOI definition files in
https://github.com/docker-library/official-images/tree/master/library.
This will allow us to verify DOI provenance fields against these files
which are the source of truth for DOI images.

This function just defers to
https://github.com/docker-library/bashbrew/blob/master/manifest/rfc2822.go.
 2024-09-27 12:32:24 +01:00
James Carnegie
2ace988b1c chore: add test for RegoFnOpts (#171) 2024-09-19 13:54:10 +01:00
James Carnegie
3e82338649 refactor: remove explicit closures. expose rego fns (#170) 2024-09-19 11:04:00 +01:00
James Carnegie
4a70e5ae36 Add platform filtering support to mapping.yml (#167) 
* chore!: rename package config -> mapping
* feat: add platform filtering support to mapping.yml
 2024-09-18 21:11:55 +01:00
James Carnegie
05caa959c4 Use a Factory to create signature verifiers at policy evaluation time (#165) 
* Make verifiers composable

* fix: remove unused code and improve signature verification logic

* fix: simplify abstractions and renamed some things

* fix: improve tl interface.

* fix: sort out signer/verifier
 2024-09-18 13:34:10 +01:00
James Carnegie
ed0ae8ecf6 fix: verify mapped image name against subjects (#156) 
* fix: verify mapped image name against subjects
 2024-09-05 08:08:55 -05:00
James Carnegie
48e58a9115 Verify input image/platform against attestation subjects before passing to rego (#148) 
* feat: verify subjects before passing to rego
 2024-09-04 10:20:00 +01:00
James Carnegie
1f806f33a8 feat: validate mapping files on load (#147) 2024-09-03 12:21:24 +01:00
James Carnegie
8982778507 refactor! remove pkg directory (#145) 
* refactor!: remove pkg directory

* chore: include breaking changes in draft
 2024-09-02 16:17:50 +01:00