const (
SignatureTagSuffix = "sig"
SBOMTagSuffix = "sbom"
AttestationTagSuffix = "att"
CustomTagPrefix = ""
RepoOverrideEnvKey = "COSIGN_REPOSITORY"
)
var ErrImageNotFound = errors.New("image not found in registry")
func AttestationTag(ref name.Reference, opts ...Option) (name.Tag, error)
AttestationTag returns the name.Tag that associated attestations with a particular digest.
func DigestTag(ref name.Reference, opts ...Option) (name.Tag, error)
DigestTag returns the name.Tag that associated SBOMs with a particular digest.
func DockerContentDigest(ref name.Tag, opts ...Option) (name.Tag, error)
DockerContentDigest fetches the Docker-Content-Digest header for the referenced tag, which is required to delete the object in registry API v2.3 and greater. See https://github.com/distribution/distribution/blob/main/docs/content/spec/api.md#deleting-an-image and https://github.com/distribution/distribution/issues/1579
func GetEnvTargetRepository() (name.Repository, error)
GetEnvTargetRepository returns the Repository specified by `os.Getenv(RepoOverrideEnvKey)`, or the empty value if not set. Returns an error if the value is set but cannot be parsed.
func NewEntityNotFoundError(err error) error
func Referrers(d name.Digest, artifactType string, opts ...Option) (*v1.IndexManifest, error)
Referrers fetches references using registry options.
func ResolveDigest(ref name.Reference, opts ...Option) (name.Digest, error)
ResolveDigest returns the digest of the image at the reference.
If the reference is by digest already, it simply extracts the digest. Otherwise, it looks up the digest from the registry.
func SBOMTag(ref name.Reference, opts ...Option) (name.Tag, error)
SBOMTag returns the name.Tag that associated SBOMs with a particular digest.
func SignatureTag(ref name.Reference, opts ...Option) (name.Tag, error)
SignatureTag returns the name.Tag that associated signatures with a particular digest.
func Signatures(ref name.Reference, opts ...Option) (oci.Signatures, error)
Signatures fetches the signatures image represented by the named reference. If the tag is not found, this returns an empty oci.Signatures.
func SignedEntity(ref name.Reference, options ...Option) (oci.SignedEntity, error)
SignedEntity provides access to a remote reference, and its signatures. The SignedEntity will be one of SignedImage or SignedImageIndex.
func SignedImage(ref name.Reference, options ...Option) (oci.SignedImage, error)
SignedImage provides access to a remote image reference, and its signatures.
func SignedImageIndex(ref name.Reference, options ...Option) (oci.SignedImageIndex, error)
SignedImageIndex provides access to a remote index reference, and its signatures.
func SignedUnknown(digest name.Digest, options ...Option) oci.SignedEntity
SignedUnknown provides access to signed metadata without directly accessing the underlying entity. This can be used to access signature metadata for digests that have not been published (yet).
func WriteAttestations(repo name.Repository, se oci.SignedEntity, opts ...Option) error
WriteAttestations publishes the attestations attached to the given entity into the provided repository.
func WriteSignatures(repo name.Repository, se oci.SignedEntity, opts ...Option) error
WriteSignature publishes the signatures attached to the given entity into the provided repository.
func WriteSignaturesExperimentalOCI(d name.Digest, se oci.SignedEntity, opts ...Option) error
WriteSignaturesExperimentalOCI publishes the signatures attached to the given entity into the provided repository (using OCI 1.1 methods).
func WriteSignedImageIndexImages(ref name.Reference, sii oci.SignedImageIndex, opts ...Option) error
WriteSignedImageIndexImages writes the images within the image index This includes the signed image and associated signatures in the image index TODO (priyawadhwa@): write the `index.json` itself to the repo as well TODO (priyawadhwa@): write the attestations
EntityNotFoundError is the error that SignedEntity returns when the provided ref does not exist.
type EntityNotFoundError struct {
// contains filtered or unexported fields
}
func (e *EntityNotFoundError) Error() string
Option is a functional option for remote operations.
type Option func(*options)
func WithAttestationSuffix(suffix string) Option
WithAttestationSuffix is a functional option for overriding the default attestation tag suffix.
func WithNameOptions(opts ...name.Option) Option
WithNameOptions is a functional option for overriding the default name options passed to GGCR.
func WithPrefix(prefix string) Option
WithPrefix is a functional option for overriding the default tag prefix.
func WithRemoteOptions(opts ...remote.Option) Option
WithRemoteOptions is a functional option for overriding the default remote options passed to GGCR.
func WithSBOMSuffix(suffix string) Option
WithSBOMSuffix is a functional option for overriding the default SBOM tag suffix.
func WithSignatureSuffix(suffix string) Option
WithSignatureSuffix is a functional option for overriding the default signature tag suffix.
func WithTargetRepository(repo name.Repository) Option
WithTargetRepository is a functional option for overriding the default target repository hosting the signature and attestation tags.