kyverno/pkg/notaryv2/truststore.go

package notaryv2

import (
	"context"
	"crypto/x509"

	"github.com/notaryproject/notation-go/verifier/truststore"
	"github.com/pkg/errors"
)

type simpleTrustStore struct {
	name      string
	storeType truststore.Type
	certs     []*x509.Certificate
}

func NewTrustStore(name string, certs []*x509.Certificate) truststore.X509TrustStore {
	return &simpleTrustStore{
		name:      name,
		storeType: truststore.TypeCA,
		certs:     certs,
	}
}

func (ts *simpleTrustStore) GetCertificates(ctx context.Context, storeType truststore.Type, name string) ([]*x509.Certificate, error) {
	if storeType != ts.storeType {
		return nil, errors.Errorf("invalid truststore type")
	}

	if name != ts.name {
		return nil, errors.Errorf("invalid truststore name")
	}

	return ts.certs, nil
}
Notary v2 (#6011) * fix make debug-deploy Signed-off-by: Jim Bugwadia <jim@nirmata.com> * improve log messages Signed-off-by: Jim Bugwadia <jim@nirmata.com> * initial update Signed-off-by: Jim Bugwadia <jim@nirmata.com> * initial update Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update registry credentials handling order Signed-off-by: Jim Bugwadia <jim@nirmata.com> * comment out ACR helper - breaks anonymous image pull Signed-off-by: Jim Bugwadia <jim@nirmata.com> * merge main and refactor verifiers Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix opt init Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove local address Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update to NotaryV2 RC Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update deps Signed-off-by: Jim Bugwadia <jim@nirmata.com> * format imports Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove env and no-op statement Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix merge issues Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix linter issue Signed-off-by: Jim Bugwadia <jim@nirmata.com> * remove unused field Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * renable ACR credential helper Signed-off-by: Jim Bugwadia <jim@nirmata.com> * Update .vscode/launch.json Signed-off-by: shuting <shutting06@gmail.com> --------- Signed-off-by: Jim Bugwadia <jim@nirmata.com> Signed-off-by: shuting <shutting06@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> Co-authored-by: shuting <shutting06@gmail.com> 2023-02-20 08:26:10 -08:00			`package notaryv2`

			`import (`
			`"context"`
			`"crypto/x509"`

			`"github.com/notaryproject/notation-go/verifier/truststore"`
			`"github.com/pkg/errors"`
			`)`

			`type simpleTrustStore struct {`
			`name string`
			`storeType truststore.Type`
			`certs []*x509.Certificate`
			`}`

			`func NewTrustStore(name string, certs []*x509.Certificate) truststore.X509TrustStore {`
			`return &simpleTrustStore{`
			`name: name,`
			`storeType: truststore.TypeCA,`
			`certs: certs,`
			`}`
			`}`

			`func (ts simpleTrustStore) GetCertificates(ctx context.Context, storeType truststore.Type, name string) ([]x509.Certificate, error) {`
			`if storeType != ts.storeType {`
			`return nil, errors.Errorf("invalid truststore type")`
			`}`

			`if name != ts.name {`
			`return nil, errors.Errorf("invalid truststore name")`
			`}`

			`return ts.certs, nil`
			`}`