* Start of richer results from verification * Pull out VSA code from signing * Expose attestation signing fns * Add VSA test * Notes for policy result * Require separate policy for VSA creation * Load test signing key from tests * Return rich object from policy * Add result object schema and fix tests * Ensure example test runs * Remove data.yaml files from mock policies * Don't run example - TUF policy isn't compatible * Add attestation to manifests for all subjects * Ensure adding attestation doesn't touch statements * Don't export sign function * Remove attestations from VerificationResult * Change bool to Outcome enum in result * Use outputLayout directly * Make clearer that Outcome strings are for VSA * Return multiple SLSA levels from policy * Fix unmarshalling of policy-id (#39) * Rename function * Rename policy.VerificationResult -> policy.Result * Re-add test for canonical input --------- Co-authored-by: James Carnegie <james.carnegie@docker.com> Co-authored-by: James Carnegie <kipz@users.noreply.github.com>
17 lines
367 B
YAML
17 lines
367 B
YAML
# map repos to policies
|
|
version: v1
|
|
kind: policy-mapping
|
|
policies:
|
|
- origin:
|
|
domain: docker.io
|
|
prefix: library/
|
|
id: docker-official-images
|
|
description: Docker Official Images
|
|
files:
|
|
- path: doi/policy.rego
|
|
mirrors:
|
|
- policy-id: docker-official-images
|
|
mirror:
|
|
domains: [localhost:5001, registry.local:5000]
|
|
prefix: ""
|