github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-05-17 05:56:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ead4e9bf4e9ca5577cef1b4589c4167712da887f
slsa-verifier/verifiers/utils/container/cosign.go
asraa 467e0820b6 chore: update slsa provenance to v1 (#579) 
* chore: update slsa provenance to v1

Signed-off-by: Asra Ali <asraa@google.com>

* fix import path

Signed-off-by: Asra Ali <asraa@google.com>

* update dsse testcases

Signed-off-by: Asra Ali <asraa@google.com>

* fix cosign image verification in update

Signed-off-by: Asra Ali <asraa@google.com>

---------

Signed-off-by: Asra Ali <asraa@google.com>
2023-05-08 15:18:16 +00:00

19 lines
475 B
Go
Raw Blame History

package container
import (
"context"
crname "github.com/google/go-containerregistry/pkg/name"
"github.com/sigstore/cosign/v2/pkg/cosign"
"github.com/sigstore/cosign/v2/pkg/oci"
)
var RunCosignImageVerification = func(ctx context.Context,
image string, co *cosign.CheckOpts) ([]oci.Signature, bool, error) {
signedImgRef, err := crname.ParseReference(image)
if err != nil {
return nil, false, err
}
return cosign.VerifyImageAttestations(ctx, signedImgRef, co)
}
Reference in New Issue View Git Blame Copy Permalink