github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-05-11 11:06:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
449e404e2af026dff679da4fa6e131d85157c573
slsa-verifier/options/options.go
saisatishkarra 9b2467f836 feat: fixes #724: add input for --provenance-repository while image verification (#736) 
@laurentsimon Added a new image verification cmd input
`--provenance-repository`
This replicates the feature of the `COSIGN_REPOSITORY` environment
variable when provenance is stored in a different repository/registry

Order of precedence:
- If input `--provenance-repository` is set, leverages the non-empty
input value
- If the env variable `COSIGN_REPOSITORY` is set, it is NOT consumed

README edit :
https://github.com/slsa-framework/slsa-verifier/pull/736/files#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5R280

---------

Signed-off-by: saisatishkarra <saisatish.karra@konghq.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2024-01-22 18:10:11 +00:00

40 lines
1.2 KiB
Go
Raw Blame History

package options
// ProvenanceOpts are the options for checking provenance information.
type ProvenanceOpts struct {
// ExpectedBranch is the expected branch (github_ref or github_base_ref) in
// the invocation parameters.
ExpectedBranch *string
// ExpectedTag is the expected tag, github_ref, in the invocation parameters.
ExpectedTag *string
// ExpectedVersionedTag is the expected versioned tag.
ExpectedVersionedTag *string
// ExpectedDigest is the expected artifact sha included in the provenance.
ExpectedDigest string
// ExpectedSourceURI is the expected source URI in the provenance.
ExpectedSourceURI string
// ExpectedBuilderID is the expected builder ID that is passed from user and verified
ExpectedBuilderID string
// ExpectedWorkflowInputs is a map of key=value inputs.
ExpectedWorkflowInputs map[string]string
ExpectedPackageName *string
ExpectedPackageVersion *string
// ExpectedProvenanceRepository is the provenance repository that is passed from user and not verified
ExpectedProvenanceRepository *string
}
// BuildOpts are the options for checking the builder.
type BuilderOpts struct {
// ExpectedBuilderID is the builderID passed in from the user to be verified
ExpectedID *string
}
Reference in New Issue View Git Blame Copy Permalink