-
Notifications
You must be signed in to change notification settings - Fork 51
/
Copy pathoptions.go
67 lines (48 loc) · 1.98 KB
/
options.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package options
import "crypto"
// ProvenanceOpts are the options for checking provenance information.
type ProvenanceOpts struct {
// ExpectedBranch is the expected branch (github_ref or github_base_ref) in
// the invocation parameters.
ExpectedBranch *string
// ExpectedTag is the expected tag, github_ref, in the invocation parameters.
ExpectedTag *string
// ExpectedVersionedTag is the expected versioned tag.
ExpectedVersionedTag *string
// ExpectedDigest is the expected artifact sha included in the provenance.
ExpectedDigest string
// ExpectedSourceURI is the expected source URI in the provenance.
ExpectedSourceURI string
// ExpectedBuilderID is the expected builder ID that is passed from user and verified
ExpectedBuilderID string
// ExpectedWorkflowInputs is a map of key=value inputs.
ExpectedWorkflowInputs map[string]string
ExpectedPackageName *string
ExpectedPackageVersion *string
// ExpectedProvenanceRepository is the provenance repository that is passed from user.
ExpectedProvenanceRepository *string
}
// BuildOpts are the options for checking the builder.
type BuilderOpts struct {
// ExpectedBuilderID is the builderID passed in from the user.
ExpectedID *string
}
// VSAOpts are the options for checking the VSA.
type VSAOpts struct {
// ExpectedDigests are the digests expected to be in the VSA.
ExpectedDigests *[]string
// ExpectedVerifierID is the verifier ID that is passed from user.
ExpectedVerifierID *string
// ExpectedResourceURI is the resource URI that is passed from user.
ExpectedResourceURI *string
// ExpectedVerifiedLevels is the levels of verification that are passed from user.
ExpectedVerifiedLevels *[]string
}
type VerificationOpts struct {
// PublicKey is the public key used to verify the signature on the Envelope.
PublicKey crypto.PublicKey
// PublicKeyID is the ID of the public key.
PublicKeyID *string
// PublicKeyHashAlgo is the hash algorithm used to compute digest that was signed.
PublicKeyHashAlgo crypto.Hash
}