Documentation ¶
Constants ¶
const (
	// ContainerBasedBuildType is type for container-based builds.
	// TODO(#1191): Update to the final BuildType URI.
	ContainerBasedBuildType = "https://slsa.dev/container-based-build/v0.1?draft"

	// SourceKey is the lookup key for source repository in ExternalParameters.
	SourceKey = "source"
	// BuilderImageKey is the lookup key for builder image in ExternalParameters.
	BuilderImageKey = "builderImage"
	// ConfigFileKey is the lookup key for the config file in ExternalParameters.
	ConfigFileKey = "configFile"
	// ArtifactPathKey is the lookup key for the artifacts path in ExternalParameters.
	ArtifactPathKey = "artifactPath"
	// CommandKey is the lookup key for the command in ExternalParameters.
	CommandKey = "command"
)
Variables ¶
This section is empty.
Functions ¶
func CheckExistingFiles ¶ added in v1.6.0
CheckExistingFiles checks if any files match the given pattern, and returns an error if so.
Types ¶
type BuildConfig ¶
type BuildConfig struct {
	// The path, relative to the root of the git repository, where the artifact
	// built by the `docker run` command is expected to be found.
	ArtifactPath string `toml:"artifact_path"`

	// TODO(#1191): Add env and options if needed.
	// Command to pass to `docker run`. The command is taken as an array
	// instead of a single string to avoid unnecessary parsing. See
	// https://docs.docker.com/engine/reference/builder/#cmd and
	// https://man7.org/linux/man-pages/man3/exec.3.html for more details.
	Command []string `toml:"command"`
}
BuildConfig is a collection of parameters to use for building the artifact.
type Builder ¶
type Builder struct {
	// contains filtered or unexported fields
}
Builder is responsible for setting up the environment and using docker commands to build artifacts as specified in a DockerBuildConfig.
func NewBuilderWithGitFetcher ¶
func NewBuilderWithGitFetcher(config *DockerBuildConfig) (*Builder, error)
NewBuilderWithGitFetcher creates a new Builder that fetches the sources from a Git repository.
func (*Builder) SetUpBuildState ¶
func (b *Builder) SetUpBuildState() (*DockerBuild, error)
SetUpBuildState sets up the build by checking out the source repository and loading the config file. It returns an instance of DockerBuild, or an error if setting up the build state fails.
type ContainerBasedExternalParameters ¶ added in v1.7.0
type ContainerBasedExternalParameters struct {
	// The source GitHub repo
	Source slsa1.ResourceDescriptor `json:"source"`

	// The Docker builder image
	BuilderImage slsa1.ResourceDescriptor `json:"builderImage"`

	// Path to a configuration file relative to the root of the repository.
	ConfigPath string `json:"configPath"`

	// Unpacked build config parameters
	Config BuildConfig `json:"buildConfig"`
}
ContainerBasedExternalParameters is a representation of the top level inputs to a container-based build.
type Digest ¶
Digest specifies a digest value, including the name of the hash function that was used for computing the digest.
type DockerBuild ¶
type DockerBuild struct {
	RepoInfo *RepoCheckoutInfo
	// contains filtered or unexported fields
}
DockerBuild represents a state in the process of building the artifacts where the source repository is checked out and the config file is loaded and parsed, and we are ready for running the `docker run` command.
func (*DockerBuild) BuildArtifacts ¶
func (db *DockerBuild) BuildArtifacts(outputFolder string) ([]intoto.Subject, error)
BuildArtifacts builds the artifacts based on the user-provided inputs, and returns the names and SHA256 digests of the generated artifacts.
func (*DockerBuild) CreateBuildDefinition ¶
func (db *DockerBuild) CreateBuildDefinition() *slsa1.ProvenanceBuildDefinition
CreateBuildDefinition creates a BuildDefinition from the DockerBuildConfig and BuildConfig in this DockerBuild.
type DockerBuildConfig ¶
type DockerBuildConfig struct {
	SourceRepo      string
	SourceDigest    Digest
	BuilderImage    DockerImage
	BuildConfigPath string
	ForceCheckout   bool
	Verbose         bool
}
DockerBuildConfig is a convenience class for holding validated user inputs.
func NewDockerBuildConfig ¶
func NewDockerBuildConfig(io *InputOptions) (*DockerBuildConfig, error)
NewDockerBuildConfig validates the inputs and generates an instance of DockerBuildConfig.
func (*DockerBuildConfig) LoadBuildConfigFromFile ¶
func (dbc *DockerBuildConfig) LoadBuildConfigFromFile() (*BuildConfig, error)
LoadBuildConfigFromFile loads build configuration from a toml file specified by the BuildConfigPath of this DockerBuildConfig. An instance of BuildConfig is returned on success.
type DockerImage ¶
DockerImage fully specifies a docker image by a URI (e.g., including the docker image name and registry), and its digest.
func (*DockerImage) ToString ¶
func (bi *DockerImage) ToString() string
ToString returns the builder image in the form of NAME@ALG:VALUE.
type Fetcher ¶
type Fetcher interface {
	Fetch() (*RepoCheckoutInfo, error)
}
Fetcher is an interface with a single method Fetch, for fetching a repository from its source.
type GitClient ¶
type GitClient struct {
	// contains filtered or unexported fields
}
GitClient provides data and functions for fetching the source files from a Git repository.
func (*GitClient) Fetch ¶
func (c *GitClient) Fetch() (*RepoCheckoutInfo, error)
Fetch is implemented for GitClient to make it usable in contexts where a Fetcher is needed.
type InputOptions ¶
type InputOptions struct {
	BuildConfigPath string
	SourceRepo      string
	GitCommitHash   string
	BuilderImage    string
	ForceCheckout   bool
	Verbose         bool
}
InputOptions are the common options for the dry run and build command.
func (*InputOptions) AddFlags ¶
func (io *InputOptions) AddFlags(cmd *cobra.Command)
AddFlags adds input flags to the given command.
type ProvenanceStatementSLSA1 ¶
type ProvenanceStatementSLSA1 struct {
	intoto.StatementHeader
	Predicate slsa1.ProvenancePredicate `json:"predicate"`
}
ProvenanceStatementSLSA1 is a convenience class to facilitate parsing a JSON document to a SLSAv1 provenance object.
func ParseProvenance ¶
func ParseProvenance(bytes []byte) (*ProvenanceStatementSLSA1, error)
ParseProvenance parses a byte array into an instance of ProvenanceStatementSLSA1.
func (*ProvenanceStatementSLSA1) ToDockerBuildConfig ¶
func (p *ProvenanceStatementSLSA1) ToDockerBuildConfig(forceCheckout bool) (*DockerBuildConfig, error)
ToDockerBuildConfig creates an instance of DockerBuildConfig using the external parameters in this provenance.
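A check a verifier might run on a provenance document before passing it to ToDockerBuildConfig for a rebuild, as an added example that is not part of this package: it confirms the build type and that the recorded source and builder image are digest-pinned, then renders the image in the NAME@ALG:VALUE form. The helper pinnedBuilderImage, the trimmed-down structs and the sample values are assumptions; the field layout follows the SLSA v1 provenance schema.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// Draft build type URI listed under Constants on this page.
const containerBasedBuildType = "https://slsa.dev/container-based-build/v0.1?draft"
var sha256Hex = regexp.MustCompile(`^[0-9a-f]{64}$`)

type resource struct { // uri and digest fields of a SLSA v1 ResourceDescriptor
	URI    string            `json:"uri"`
	Digest map[string]string `json:"digest"`
}

// pinnedBuilderImage is a hypothetical helper, not part of the package.
func pinnedBuilderImage(doc []byte) (string, error) {
	var s struct {
		Predicate struct {
			BuildDefinition struct {
				BuildType          string `json:"buildType"`
				ExternalParameters struct {
					Source       resource `json:"source"`
					BuilderImage resource `json:"builderImage"`
				} `json:"externalParameters"`
			} `json:"buildDefinition"`
		} `json:"predicate"`
	}
	if err := json.Unmarshal(doc, &s); err != nil {
		return "", fmt.Errorf("parse provenance: %w", err)
	}
	def := s.Predicate.BuildDefinition
	src, img := def.ExternalParameters.Source, def.ExternalParameters.BuilderImage
	switch {
	case def.BuildType != containerBasedBuildType:
		return "", fmt.Errorf("unexpected buildType %q", def.BuildType)
	case src.URI == "" || len(src.Digest) == 0:
		return "", fmt.Errorf("source is not pinned by a digest")
	case img.URI == "" || !sha256Hex.MatchString(img.Digest["sha256"]):
		return "", fmt.Errorf("builderImage is not pinned by a sha256 digest")
	}
	return img.URI + "@sha256:" + img.Digest["sha256"], nil
}

func main() { // constructed sample document; every value is a placeholder
	fmt.Println(pinnedBuilderImage([]byte(fmt.Sprintf(`{"predicate":{"buildDefinition":{"buildType":%q,"externalParameters":{"source":{"uri":"git+https://example.com/org/repo","digest":{"sha1":"%040x"}},"builderImage":{"uri":"registry.example.com/builder","digest":{"sha256":"%064x"}}}}}}`, containerBasedBuildType, 1, 0xabc))))
}
```

A builder image recorded only by tag, or with a truncated digest, is rejected rather than passed on to a rebuild.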
type RepoCheckoutInfo ¶
type RepoCheckoutInfo struct {
	// Path to the root of the repo.
	RepoRoot string
}
RepoCheckoutInfo contains info about the location of a locally checked out repository.
func (*RepoCheckoutInfo) Cleanup ¶
func (info *RepoCheckoutInfo) Cleanup()
Cleanup removes the generated temp files, but it might not be able to remove all of them, for instance the ones generated by the build script.