Enum value maps for NoteKind.
var (
NoteKind_name = map[int32]string{
0: "NOTE_KIND_UNSPECIFIED",
1: "VULNERABILITY",
2: "BUILD",
3: "IMAGE",
4: "PACKAGE",
5: "DEPLOYMENT",
6: "DISCOVERY",
7: "ATTESTATION",
}
NoteKind_value = map[string]int32{
"NOTE_KIND_UNSPECIFIED": 0,
"VULNERABILITY": 1,
"BUILD": 2,
"IMAGE": 3,
"PACKAGE": 4,
"DEPLOYMENT": 5,
"DISCOVERY": 6,
"ATTESTATION": 7,
}
)
var File_google_devtools_containeranalysis_v1beta1_common_common_proto protoreflect.FileDescriptor
Kind represents the kinds of notes supported.
type NoteKind int32
const (
// Unknown.
NoteKind_NOTE_KIND_UNSPECIFIED NoteKind = 0
// The note and occurrence represent a package vulnerability.
NoteKind_VULNERABILITY NoteKind = 1
// The note and occurrence assert build provenance.
NoteKind_BUILD NoteKind = 2
// This represents an image basis relationship.
NoteKind_IMAGE NoteKind = 3
// This represents a package installed via a package manager.
NoteKind_PACKAGE NoteKind = 4
// The note and occurrence track deployment events.
NoteKind_DEPLOYMENT NoteKind = 5
// The note and occurrence track the initial discovery status of a resource.
NoteKind_DISCOVERY NoteKind = 6
// This represents a logical "role" that can attest to artifacts.
NoteKind_ATTESTATION NoteKind = 7
)
func (NoteKind) Descriptor() protoreflect.EnumDescriptor
func (x NoteKind) Enum() *NoteKind
func (NoteKind) EnumDescriptor() ([]byte, []int)
Deprecated: Use NoteKind.Descriptor instead.
func (x NoteKind) Number() protoreflect.EnumNumber
func (x NoteKind) String() string
func (NoteKind) Type() protoreflect.EnumType
Metadata for any related URL information.
type RelatedUrl struct {
// Specific URL associated with the resource.
Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
// Label to describe usage of the URL.
Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"`
// contains filtered or unexported fields
}
func (*RelatedUrl) Descriptor() ([]byte, []int)
Deprecated: Use RelatedUrl.ProtoReflect.Descriptor instead.
func (x *RelatedUrl) GetLabel() string
func (x *RelatedUrl) GetUrl() string
func (*RelatedUrl) ProtoMessage()
func (x *RelatedUrl) ProtoReflect() protoreflect.Message
func (x *RelatedUrl) Reset()
func (x *RelatedUrl) String() string
Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm).
In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:
The `signature` contents SHOULD NOT be "attached" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).
type Signature struct {
// The content of the signature, an opaque bytestring.
// The payload that this signature verifies MUST be unambiguously provided
// with the Signature during verification. A wrapper message might provide
// the payload explicitly. Alternatively, a message might have a canonical
// serialization that can always be unambiguously computed to derive the
// payload.
Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
// The identifier for the public key that verifies this signature.
// * The `public_key_id` is required.
// * The `public_key_id` MUST be an RFC3986 conformant URI.
// * When possible, the `public_key_id` SHOULD be an immutable reference,
// such as a cryptographic digest.
//
// Examples of valid `public_key_id`s:
//
// OpenPGP V4 public key fingerprint:
// * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
// See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
// details on this scheme.
//
// RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
// serialization):
// * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
// * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
PublicKeyId string `protobuf:"bytes,2,opt,name=public_key_id,json=publicKeyId,proto3" json:"public_key_id,omitempty"`
// contains filtered or unexported fields
}
func (*Signature) Descriptor() ([]byte, []int)
Deprecated: Use Signature.ProtoReflect.Descriptor instead.
func (x *Signature) GetPublicKeyId() string
func (x *Signature) GetSignature() []byte
func (*Signature) ProtoMessage()
func (x *Signature) ProtoReflect() protoreflect.Message
func (x *Signature) Reset()
func (x *Signature) String() string