signatures.go

Documentation: github.com/sigstore/cosign/v2/pkg/oci/remote

     1  //
     2  // Copyright 2021 The Sigstore Authors.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  
    16  package remote
    17  
    18  import (
    19  	"errors"
    20  	"net/http"
    21  
    22  	"github.com/google/go-containerregistry/pkg/name"
    23  	v1 "github.com/google/go-containerregistry/pkg/v1"
    24  	"github.com/google/go-containerregistry/pkg/v1/remote/transport"
    25  	"github.com/sigstore/cosign/v2/pkg/oci"
    26  	"github.com/sigstore/cosign/v2/pkg/oci/empty"
    27  	"github.com/sigstore/cosign/v2/pkg/oci/internal/signature"
    28  )
    29  
    30  const maxLayers = 1000
    31  
    32  // Signatures fetches the signatures image represented by the named reference.
    33  // If the tag is not found, this returns an empty oci.Signatures.
    34  func Signatures(ref name.Reference, opts ...Option) (oci.Signatures, error) {
    35  	o := makeOptions(ref.Context(), opts...)
    36  	img, err := remoteImage(ref, o.ROpt...)
    37  	var te *transport.Error
    38  	if errors.As(err, &te) {
    39  		if te.StatusCode != http.StatusNotFound {
    40  			return nil, te
    41  		}
    42  		return empty.Signatures(), nil
    43  	} else if err != nil {
    44  		return nil, err
    45  	}
    46  	return &sigs{
    47  		Image: img,
    48  	}, nil
    49  }
    50  
    51  type sigs struct {
    52  	v1.Image
    53  }
    54  
    55  var _ oci.Signatures = (*sigs)(nil)
    56  
    57  // Get implements oci.Signatures
    58  func (s *sigs) Get() ([]oci.Signature, error) {
    59  	m, err := s.Manifest()
    60  	if err != nil {
    61  		return nil, err
    62  	}
    63  	numLayers := int64(len(m.Layers))
    64  	if numLayers > maxLayers {
    65  		return nil, oci.NewMaxLayersExceeded(numLayers, maxLayers)
    66  	}
    67  	signatures := make([]oci.Signature, 0, len(m.Layers))
    68  	for _, desc := range m.Layers {
    69  		layer, err := s.Image.LayerByDigest(desc.Digest)
    70  		if err != nil {
    71  			return nil, err
    72  		}
    73  		signatures = append(signatures, signature.New(layer, desc))
    74  	}
    75  	return signatures, nil
    76  }
    77
View as plain text