docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
attest/policy
History
Jonny Stoten a078fba81d feat: add internal reproducible git checksum builtin (#203) 
Adds a new rego builtin `attest.internals.reproducible_git_checksum`.
This is needed for verifying DOI provenance, see
https://github.com/docker/doi-image-policy/blob/main/slsa.md#doi-build-reproducible-git-checksum.

We use https://github.com/go-git/go-git for as much of this as possible,
but it doesn't support the actual archive operation, so we shell out to
`git` for that.

There is some similar unexported code in bashbrew, and we should
probably be using the same code in the build process as we are here.
I'll create a follow-up ticket to sort that out.
2024-10-22 14:30:27 +01:00
..
testdata/policies
feat: add internal reproducible git checksum builtin (#203)
2024-10-22 14:30:27 +01:00
evaluator.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
mock.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
policy_test.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
policy.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
README.md
refactor! remove pkg directory (#145)
2024-09-02 16:17:50 +01:00
rego_test.go
feat: add internal reproducible git checksum builtin (#203)
2024-10-22 14:30:27 +01:00
rego.go
feat: add internal reproducible git checksum builtin (#203)
2024-10-22 14:30:27 +01:00
resolver_test.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
resolver.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00
types.go
refactor: remove copyright year; add newline
2024-10-18 09:25:31 -05:00

README.md

policy

This package is for attestation policy mapping and evaluation.