...

Source file src/github.com/sigstore/cosign/v2/pkg/oci/remote/options.go

Documentation: github.com/sigstore/cosign/v2/pkg/oci/remote 

     1  //
     2  // Copyright 2021 The Sigstore Authors.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  
    16  package remote
    17  
    18  import (
    19  	"fmt"
    20  
    21  	"github.com/google/go-containerregistry/pkg/authn"
    22  	"github.com/google/go-containerregistry/pkg/name"
    23  	"github.com/google/go-containerregistry/pkg/v1/remote"
    24  	"github.com/sigstore/cosign/v2/pkg/cosign/env"
    25  )
    26  
    27  const (
    28  	SignatureTagSuffix   = "sig"
    29  	SBOMTagSuffix        = "sbom"
    30  	AttestationTagSuffix = "att"
    31  	CustomTagPrefix      = ""
    32  
    33  	RepoOverrideEnvKey = "COSIGN_REPOSITORY"
    34  )
    35  
    36  // Option is a functional option for remote operations.
    37  type Option func(*options)
    38  
    39  type options struct {
    40  	SignatureSuffix   string
    41  	AttestationSuffix string
    42  	SBOMSuffix        string
    43  	TagPrefix         string
    44  	TargetRepository  name.Repository
    45  	ROpt              []remote.Option
    46  	NameOpts          []name.Option
    47  	OriginalOptions   []Option
    48  }
    49  
    50  var defaultOptions = []remote.Option{
    51  	remote.WithAuthFromKeychain(authn.DefaultKeychain),
    52  	// TODO(mattmoor): Incorporate user agent.
    53  }
    54  
    55  func makeOptions(target name.Repository, opts ...Option) *options {
    56  	o := &options{
    57  		SignatureSuffix:   SignatureTagSuffix,
    58  		AttestationSuffix: AttestationTagSuffix,
    59  		SBOMSuffix:        SBOMTagSuffix,
    60  		TagPrefix:         CustomTagPrefix,
    61  		TargetRepository:  target,
    62  		ROpt:              defaultOptions,
    63  
    64  		// Keep the original options around for things that want
    65  		// to call something that takes options!
    66  		OriginalOptions: opts,
    67  	}
    68  
    69  	for _, option := range opts {
    70  		option(o)
    71  	}
    72  
    73  	return o
    74  }
    75  
    76  // WithPrefix is a functional option for overriding the default
    77  // tag prefix.
    78  func WithPrefix(prefix string) Option {
    79  	return func(o *options) {
    80  		o.TagPrefix = prefix
    81  	}
    82  }
    83  
    84  // WithSignatureSuffix is a functional option for overriding the default
    85  // signature tag suffix.
    86  func WithSignatureSuffix(suffix string) Option {
    87  	return func(o *options) {
    88  		o.SignatureSuffix = suffix
    89  	}
    90  }
    91  
    92  // WithAttestationSuffix is a functional option for overriding the default
    93  // attestation tag suffix.
    94  func WithAttestationSuffix(suffix string) Option {
    95  	return func(o *options) {
    96  		o.AttestationSuffix = suffix
    97  	}
    98  }
    99  
   100  // WithSBOMSuffix is a functional option for overriding the default
   101  // SBOM tag suffix.
   102  func WithSBOMSuffix(suffix string) Option {
   103  	return func(o *options) {
   104  		o.SBOMSuffix = suffix
   105  	}
   106  }
   107  
   108  // WithRemoteOptions is a functional option for overriding the default
   109  // remote options passed to GGCR.
   110  func WithRemoteOptions(opts ...remote.Option) Option {
   111  	return func(o *options) {
   112  		o.ROpt = opts
   113  	}
   114  }
   115  
   116  // WithTargetRepository is a functional option for overriding the default
   117  // target repository hosting the signature and attestation tags.
   118  func WithTargetRepository(repo name.Repository) Option {
   119  	return func(o *options) {
   120  		o.TargetRepository = repo
   121  	}
   122  }
   123  
   124  // GetEnvTargetRepository returns the Repository specified by
   125  // `os.Getenv(RepoOverrideEnvKey)`, or the empty value if not set.
   126  // Returns an error if the value is set but cannot be parsed.
   127  func GetEnvTargetRepository() (name.Repository, error) {
   128  	if ro := env.Getenv(env.VariableRepository); ro != "" {
   129  		repo, err := name.NewRepository(ro)
   130  		if err != nil {
   131  			return name.Repository{}, fmt.Errorf("parsing $"+RepoOverrideEnvKey+": %w", err)
   132  		}
   133  		return repo, nil
   134  	}
   135  	return name.Repository{}, nil
   136  }
   137  
   138  // WithNameOptions is a functional option for overriding the default
   139  // name options passed to GGCR.
   140  func WithNameOptions(opts ...name.Option) Option {
   141  	return func(o *options) {
   142  		o.NameOpts = opts
   143  	}
   144  }
   145  

View as plain text