mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
7cf1dd2b15
* update cosign to 1.5.0 and add checks Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix subject and issuer checks Signed-off-by: Jim Bugwadia <jim@nirmata.com> * make fmt Signed-off-by: Jim Bugwadia <jim@nirmata.com> * fix tests Signed-off-by: Jim Bugwadia <jim@nirmata.com>
28 lines
1,002 B
Go
28 lines
1,002 B
Go
package cosign
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/google/go-containerregistry/pkg/name"
|
|
"github.com/sigstore/cosign/pkg/cosign"
|
|
"github.com/sigstore/cosign/pkg/oci"
|
|
)
|
|
|
|
var client Cosign = &driver{}
|
|
|
|
type Cosign interface {
|
|
VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co *cosign.CheckOpts) ([]oci.Signature, bool, error)
|
|
|
|
VerifyImageAttestations(ctx context.Context, signedImgRef name.Reference, co *cosign.CheckOpts) (checkedAttestations []oci.Signature, bundleVerified bool, err error)
|
|
}
|
|
|
|
type driver struct {
|
|
}
|
|
|
|
func (d *driver) VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co *cosign.CheckOpts) ([]oci.Signature, bool, error) {
|
|
return cosign.VerifyImageSignatures(ctx, signedImgRef, co)
|
|
}
|
|
|
|
func (d *driver) VerifyImageAttestations(ctx context.Context, signedImgRef name.Reference, co *cosign.CheckOpts) (checkedAttestations []oci.Signature, bundleVerified bool, err error) {
|
|
return cosign.VerifyImageAttestations(ctx, signedImgRef, co)
|
|
}
|