github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-05-17 14:06:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f0fedec1ddea913a67c24e4e25b2b7cebcacc901
slsa-verifier/options/options.go
Ramon Petgrave 610ef6f1af verify reamining fields, print attestations 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
2024-06-19 00:30:15 +00:00

68 lines
2.0 KiB
Go
Raw Blame History

package options
import "crypto"
// ProvenanceOpts are the options for checking provenance information.
type ProvenanceOpts struct {
// ExpectedBranch is the expected branch (github_ref or github_base_ref) in
// the invocation parameters.
ExpectedBranch *string
// ExpectedTag is the expected tag, github_ref, in the invocation parameters.
ExpectedTag *string
// ExpectedVersionedTag is the expected versioned tag.
ExpectedVersionedTag *string
// ExpectedDigest is the expected artifact sha included in the provenance.
ExpectedDigest string
// ExpectedSourceURI is the expected source URI in the provenance.
ExpectedSourceURI string
// ExpectedBuilderID is the expected builder ID that is passed from user and verified
ExpectedBuilderID string
// ExpectedWorkflowInputs is a map of key=value inputs.
ExpectedWorkflowInputs map[string]string
ExpectedPackageName *string
ExpectedPackageVersion *string
// ExpectedProvenanceRepository is the provenance repository that is passed from user and not verified
ExpectedProvenanceRepository *string
}
// BuildOpts are the options for checking the builder.
type BuilderOpts struct {
// ExpectedBuilderID is the builderID passed in from the user to be verified
ExpectedID *string
}
// VSAOpts are the options for checking the VSA.
type VSAOpts struct {
//ExpectedDigests are the digests expected to be in the VSA
ExpectedDigests []string
// ExpectedVerifierID is the verifier ID that is passed from user and not verified
ExpectedVerifierID string
// ExpectedResourceURI is the resource URI that is passed from user and not verified
ExpectedResourceURI string
// ExpectedVerifiedLevels is the levels of verification that are passed from user and not verified
ExpectedVerifiedLevels []string
}
type VerificationOpts struct {
// PublicKey is the public key used to verify the signature on the Envelope
PublicKey crypto.PublicKey
// PublicKeyID is the ID of the public key
PublicKeyID string
// SignatureHashAlgo is the hash algorithm used to hash the signature
SignatureHashAlgo crypto.Hash
}
Reference in New Issue View Git Blame Copy Permalink