Beispiel #1
0
  def Run(self, args):
    """Create an attestation for the artifact named by ``args.artifact_url``.

    The signature is read from ``args.signature_file`` and forwarded as read.
    This method does not verify the signature against any key.

    Args:
      args: Parsed command arguments. Reads ``artifact_url``,
        ``signature_file``, ``attestation_authority_note``,
        ``pgp_key_fingerprint`` and ``public_key_file``.

    Returns:
      The result of ``CreateAttestationOccurrence`` when an attestation
      authority note was supplied, otherwise the result of
      ``self.CreateLegacyAttestation``.
    """
    # The project is requested with required=True, so an unset project is
    # presumably rejected here, before any file is read -- confirm.
    project = resources.REGISTRY.Parse(
        properties.VALUES.core.project.Get(required=True),
        collection='cloudresourcemanager.projects',
    )
    # NOTE(review): NormalizeArtifactUrl is defined elsewhere; confirm that it
    # only accepts digest-pinned references, since an attestation is only
    # meaningful for an immutable image identity.
    artifact_url = binauthz_command_util.NormalizeArtifactUrl(
        args.artifact_url)
    signature_text = files.GetFileOrStdinContents(args.signature_file)

    # Without an authority note the command falls back to the legacy flow,
    # which takes a public key file instead of a key fingerprint.
    if not args.attestation_authority_note:
      return self.CreateLegacyAttestation(
          project_ref=project,
          normalized_artifact_url=artifact_url,
          signature=signature_text,
          public_key_file=args.public_key_file,
      )

    analysis_client = binauthz_api_util.ContainerAnalysisClient()
    authority_note = args.CONCEPTS.attestation_authority_note.Parse()
    return analysis_client.CreateAttestationOccurrence(
        project_ref=project,
        note_ref=authority_note,
        artifact_url=artifact_url,
        pgp_key_fingerprint=args.pgp_key_fingerprint,
        signature=signature_text,
    )
Beispiel #2
  def Run(self, args):
    """List attestations attached to an attestation authority note.

    The note comes from ``args.CONCEPTS.attestation_authority_note`` when that
    parses to a value. Otherwise the attestation authority is fetched and the
    note reference stored on it is used.

    Args:
      args: Parsed command arguments. Reads ``artifact_url`` and the
        ``attestation_authority_note`` / ``attestation_authority`` concepts.

    Returns:
      The result of ``YieldPgpKeyFingerprintsAndSignatures`` for the normalized
      artifact URL when one is available, otherwise the result of
      ``YieldUrlsWithOccurrences`` for the note.
    """
    artifact_url = (
        binauthz_command_util.NormalizeArtifactUrl(args.artifact_url)
        if args.artifact_url else None)

    note = args.CONCEPTS.attestation_authority_note.Parse()
    if note is None:
      # No note was given directly: look it up through the authority resource.
      authority_name = args.CONCEPTS.attestation_authority.Parse()
      version = apis.GetApiVersion(self.ReleaseTrack())
      fetched_authority = authorities.Client(version).Get(authority_name)
      # TODO(b/79709480): Add other types of authorities if/when supported.
      # NOTE(review): assumes userOwnedDrydockNote is populated on the fetched
      # authority; the note reference is taken from the API response as-is.
      note = resources.REGISTRY.ParseResourceId(
          'containeranalysis.projects.notes',
          fetched_authority.userOwnedDrydockNote.noteReference, {})

    analysis_client = binauthz_api_util.ContainerAnalysisClient()

    # The branch is taken on the *normalized* URL, not on the raw argument.
    if not artifact_url:
      return analysis_client.YieldUrlsWithOccurrences(note)
    return analysis_client.YieldPgpKeyFingerprintsAndSignatures(
        note_ref=note,
        artifact_url=artifact_url,
    )
Beispiel #3
    def Run(self, args):
        """Create an attestation occurrence under an attestor's note.

        The attestor is fetched through the API and its note reference decides
        where the occurrence is attached. The signature is passed on as read.
        This method does not verify it.

        Args:
          args: Parsed command arguments. Reads ``artifact_url``,
            ``signature_file``, ``pgp_key_fingerprint`` and the ``attestor``
            concept.

        Returns:
          The result of ``CreateAttestationOccurrence``.
        """
        project = resources.REGISTRY.Parse(
            properties.VALUES.core.project.Get(required=True),
            collection='cloudresourcemanager.projects',
        )
        # NOTE(review): confirm that NormalizeArtifactUrl only accepts
        # digest-pinned references; its implementation is not visible here.
        artifact_url = binauthz_command_util.NormalizeArtifactUrl(
            args.artifact_url)
        # Read as text (binary=False); presumably an ASCII-armored signature
        # is expected -- confirm against the command's help text.
        signature_text = console_io.ReadFromFileOrStdin(
            args.signature_file, binary=False)

        attestor_name = args.CONCEPTS.attestor.Parse()
        version = apis.GetApiVersion(self.ReleaseTrack())
        fetched_attestor = authorities.Client(version).Get(attestor_name)
        # TODO(b/79709480): Add other types of attestors if/when supported.
        # NOTE(review): assumes userOwnedDrydockNote is populated on the
        # fetched attestor; the note reference is used as returned by the API.
        note = resources.REGISTRY.ParseResourceId(
            'containeranalysis.projects.notes',
            fetched_attestor.userOwnedDrydockNote.noteReference, {})

        analysis_client = binauthz_api_util.ContainerAnalysisClient()
        return analysis_client.CreateAttestationOccurrence(
            project_ref=project,
            note_ref=note,
            artifact_url=artifact_url,
            pgp_key_fingerprint=args.pgp_key_fingerprint,
            signature=signature_text,
        )
Beispiel #4
 def Run(self, args):
     """List signatures for one artifact, or artifact URLs with occurrences.

     Args:
       args: Parsed command arguments. Reads ``artifact_url``.

     Returns:
       The result of ``YieldSignatures`` for the normalized artifact URL when
       ``args.artifact_url`` is set, otherwise the result of
       ``YieldUrlsWithOccurrences`` for the current project.
     """
     project = resources.REGISTRY.Parse(
         properties.VALUES.core.project.Get(required=True),
         collection='cloudresourcemanager.projects')
     client = binauthz_api_util.ContainerAnalysisClient()

     # No artifact given: enumerate at project scope instead.
     if not args.artifact_url:
         return client.YieldUrlsWithOccurrences(project)

     # NOTE(review): signatures are returned as the client yields them; no
     # verification against a trusted key is visible in this method.
     artifact_url = binauthz_command_util.NormalizeArtifactUrl(
         args.artifact_url)
     return client.YieldSignatures(
         project_ref=project, artifact_url=artifact_url)
Beispiel #5
  def Run(self, args):
    """List attestations stored under an attestation authority note.

    Args:
      args: Parsed command arguments. Reads ``artifact_url`` and the
        ``attestation_authority_note`` concept.

    Returns:
      The result of ``YieldPgpKeyFingerprintsAndSignatures`` for the normalized
      artifact URL when one is available, otherwise the result of
      ``YieldUrlsWithOccurrences`` for the note.
    """
    artifact_url = (
        binauthz_command_util.NormalizeArtifactUrl(args.artifact_url)
        if args.artifact_url else None)

    note = args.CONCEPTS.attestation_authority_note.Parse()
    analysis_client = binauthz_api_util.ContainerAnalysisClient()

    # The branch is taken on the *normalized* URL, not on the raw argument.
    if not artifact_url:
      return analysis_client.YieldUrlsWithOccurrences(note)
    # NOTE(review): fingerprints and signatures are returned as the client
    # yields them; no verification is visible in this method.
    return analysis_client.YieldPgpKeyFingerprintsAndSignatures(
        note_ref=note,
        artifact_url=artifact_url,
    )
 def Run(self, args):
     """Upload a signature for an artifact together with its public key.

     The note id is derived from the normalized artifact URL, the public key
     and the signature. All three are then sent through ``PutSignature``.
     This method does not check the signature against the public key.

     Args:
       args: Parsed command arguments. Reads ``artifact_url``,
         ``public_key_file`` and ``signature_file``.

     Returns:
       The result of ``PutSignature``.
     """
     project = resources.REGISTRY.Parse(
         properties.VALUES.core.project.Get(required=True),
         collection='cloudresourcemanager.projects')
     # NOTE(review): confirm that NormalizeArtifactUrl only accepts
     # digest-pinned references; its implementation is not visible here.
     artifact_url = binauthz_command_util.NormalizeArtifactUrl(
         args.artifact_url)
     # The key is read with GetFileContents, the signature with
     # GetFileOrStdinContents (different helpers for the two inputs).
     key_material = files.GetFileContents(args.public_key_file)
     signature_text = files.GetFileOrStdinContents(args.signature_file)

     derived_note_id = binauthz_command_util.NoteId(
         artifact_url, key_material, signature_text)
     provider = binauthz_command_util.CreateProviderRefFromProjectRef(project)
     provider_note = binauthz_command_util.ParseProviderNote(
         note_id=derived_note_id, provider_ref=provider)

     analysis_client = binauthz_api_util.ContainerAnalysisClient()
     return analysis_client.PutSignature(
         occurrence_project_ref=project,
         provider_ref=provider,
         provider_note_ref=provider_note,
         note_id=derived_note_id,
         artifact_url=artifact_url,
         public_key=key_material,
         signature=signature_text)