ErrSkipChildren is a special error that may be returned from a Mutator to skip processing of an index's child entities.
var ErrSkipChildren = errors.New("skip child entities")
func AppendManifests(base v1.ImageIndex, adds ...IndexAddendum) oci.SignedImageIndex
AppendManifests is a form of mutate.AppendManifests that produces an oci.SignedImageIndex. The index itself will contain no signatures, but allows access to the contained signed entities.
func AppendSignatures(base oci.Signatures, recordCreationTimestamp bool, sigs ...oci.Signature) (oci.Signatures, error)
AppendSignatures produces a new oci.Signatures with the provided signatures appended to the provided base signatures.
func AttachAttestationToEntity(se oci.SignedEntity, att oci.Signature, opts ...SignOption) (oci.SignedEntity, error)
AttachAttestationToEntity attaches the provided attestation to the provided entity.
func AttachAttestationToImage(si oci.SignedImage, att oci.Signature, opts ...SignOption) (oci.SignedImage, error)
AttachAttestationToImage attaches the provided attestation to the provided image.
func AttachAttestationToImageIndex(sii oci.SignedImageIndex, att oci.Signature, opts ...SignOption) (oci.SignedImageIndex, error)
AttachAttestationToImageIndex attaches the provided attestation to the provided image index.
func AttachAttestationToUnknown(se oci.SignedEntity, att oci.Signature, opts ...SignOption) (oci.SignedEntity, error)
AttachAttestationToUnknown attaches the provided attestation to the provided image.
func AttachFileToEntity(se oci.SignedEntity, name string, f oci.File, opts ...SignOption) (oci.SignedEntity, error)
AttachFileToEntity attaches the provided file to the provided entity.
func AttachFileToImage(si oci.SignedImage, name string, f oci.File, opts ...SignOption) (oci.SignedImage, error)
AttachFileToImage attaches the provided file to the provided image.
func AttachFileToImageIndex(sii oci.SignedImageIndex, name string, f oci.File, opts ...SignOption) (oci.SignedImageIndex, error)
AttachFileToImageIndex attaches the provided file to the provided image index.
func AttachFileToUnknown(se oci.SignedEntity, name string, f oci.File, opts ...SignOption) (oci.SignedEntity, error)
AttachFileToUnknown attaches the provided file to the provided image.
func AttachSignatureToEntity(se oci.SignedEntity, sig oci.Signature, opts ...SignOption) (oci.SignedEntity, error)
AttachSignatureToEntity attaches the provided signature to the provided entity.
func AttachSignatureToImage(si oci.SignedImage, sig oci.Signature, opts ...SignOption) (oci.SignedImage, error)
AttachSignatureToImage attaches the provided signature to the provided image.
func AttachSignatureToImageIndex(sii oci.SignedImageIndex, sig oci.Signature, opts ...SignOption) (oci.SignedImageIndex, error)
AttachSignatureToImageIndex attaches the provided signature to the provided image index.
func AttachSignatureToUnknown(se oci.SignedEntity, sig oci.Signature, opts ...SignOption) (oci.SignedEntity, error)
AttachSignatureToUnknown attaches the provided signature to the provided image.
func IsAfterChildren(ctx context.Context) bool
IsAfterChildren is true within a Mutator when it is called after the children have been processed; however, this call is only made if the set of children changes since the Before call.
func IsBeforeChildren(ctx context.Context) bool
IsBeforeChildren is true within a Mutator when it is called before the children have been processed.
func Map(ctx context.Context, parent oci.SignedEntity, fn Fn) (oci.SignedEntity, error)
Map calls `fn` on the signed entity and each of its constituent entities (`SignedImageIndex` or `SignedImage`) transitively. Any errors returned by an `fn` are returned by `Map`.
func ReplaceSignatures(base oci.Signatures) (oci.Signatures, error)
ReplaceSignatures produces a new oci.Signatures provided by the base signatures replaced with the new oci.Signatures.
func Signature(original oci.Signature, opts ...SignatureOption) (oci.Signature, error)
Signature returns a new oci.Signature based on the provided original, plus the requested mutations.
Appendable is our signed version of mutate.Appendable
type Appendable interface {
oci.SignedEntity
mutate.Appendable
}
DupeDetector scans a list of signatures looking for a duplicate.
type DupeDetector interface {
Find(oci.Signatures, oci.Signature) (oci.Signature, error)
}
Fn is the signature of the callback supplied to Map. The oci.SignedEntity is either an oci.SignedImageIndex or an oci.SignedImage. This callback is called on oci.SignedImageIndex *before* its children are processed with a context that returns IsBeforeChildren(ctx) == true. If the images within the SignedImageIndex change after the Before pass, then the Fn will be invoked again on the new SignedImageIndex with a context that returns IsAfterChildren(ctx) == true. If the returned entity is nil, it is filtered from the result of Map.
type Fn func(context.Context, oci.SignedEntity) (oci.SignedEntity, error)
IndexAddendum is our signed version of mutate.IndexAddendum
type IndexAddendum struct {
Add Appendable
v1.Descriptor
}
type ReplaceOp interface {
Replace(oci.Signatures, oci.Signature) (oci.Signatures, error)
}
type SignOption func(*signOpts)
func WithDupeDetector(dd DupeDetector) SignOption
WithDupeDetector configures Sign* to use the following DupeDetector to avoid attaching duplicate signatures.
func WithRecordCreationTimestamp(rct bool) SignOption
func WithReplaceOp(ro ReplaceOp) SignOption
type SignatureOption func(*signatureOpts)
func WithAnnotations(annotations map[string]string) SignatureOption
WithAnnotations specifies the annotations the Signature should have.
func WithBundle(b *bundle.RekorBundle) SignatureOption
WithBundle specifies the new Bundle the Signature should have.
func WithCertChain(cert, chain []byte) SignatureOption
WithCertChain specifies the new cert and chain the Signature should have.
func WithMediaType(mediaType types.MediaType) SignatureOption
WithMediaType specifies the new MediaType the Signature should have.
func WithRFC3161Timestamp(b *bundle.RFC3161Timestamp) SignatureOption
WithRFC3161Timestamp specifies the new RFC3161Timestamp the Signature should have.