mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-09 17:37:12 +00:00
aa2a88e8aa
Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> Co-authored-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
34 lines
945 B
Go
34 lines
945 B
Go
package internal
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/go-logr/logr"
|
|
"github.com/sigstore/cosign/v2/pkg/blob"
|
|
"github.com/sigstore/sigstore/pkg/tuf"
|
|
)
|
|
|
|
func setupSigstoreTUF(ctx context.Context, logger logr.Logger) {
|
|
if !enableTUF {
|
|
return
|
|
}
|
|
|
|
logger = logger.WithName("sigstore-tuf").WithValues("tufRoot", tufRoot, "tufRootRaw", tufRootRaw, "tufMirror", tufMirror)
|
|
logger.Info("setup tuf client for sigstore...")
|
|
var tufRootBytes []byte
|
|
var err error
|
|
if tufRoot != "" {
|
|
tufRootBytes, err = blob.LoadFileOrURL(tufRoot)
|
|
if err != nil {
|
|
checkError(logger, err, fmt.Sprintf("Failed to read alternate TUF root file %s : %v", tufRoot, err))
|
|
}
|
|
} else if tufRootRaw != "" {
|
|
tufRootBytes = []byte(tufRootRaw)
|
|
}
|
|
|
|
logger.Info("Initializing TUF root")
|
|
if err := tuf.Initialize(ctx, tufMirror, tufRootBytes); err != nil {
|
|
checkError(logger, err, fmt.Sprintf("Failed to initialize TUF client from %s : %v", tufRoot, err))
|
|
}
|
|
}
|