attest/fetch.rego at main - attest - Gitea: Git with a cup of tea for gitea

docker/attest

Files

Jonny Stoten 4ca962b70c Add function for parsing DOI definition files (#172 )

Add a Rego builtin called `attest.internals.parse_library_definition`
for parsing the DOI definition files in
https://github.com/docker-library/official-images/tree/master/library.
This will allow us to verify DOI provenance fields against these files
which are the source of truth for DOI images.

This function just defers to
https://github.com/docker-library/bashbrew/blob/master/manifest/rfc2822.go.

2024-09-27 12:32:24 +01:00

8 lines

80 B

Rego

Raw Permalink Blame History

 package attest
 import rego.v1
 success if {
 	some env in attest.fetch("foo")
 }