Example #1
0
  def Run(self, args):
    project_ref = resources.REGISTRY.Parse(
        properties.VALUES.core.project.Get(required=True),
        collection='cloudresourcemanager.projects',
    )
    normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl(
        args.artifact_url)
    signature = files.GetFileOrStdinContents(args.signature_file)

    if args.attestation_authority_note:
      client = binauthz_api_util.ContainerAnalysisClient()
      return client.CreateAttestationOccurrence(
          project_ref=project_ref,
          note_ref=args.CONCEPTS.attestation_authority_note.Parse(),
          artifact_url=normalized_artifact_url,
          pgp_key_fingerprint=args.pgp_key_fingerprint,
          signature=signature,
      )
    else:
      return self.CreateLegacyAttestation(
          project_ref=project_ref,
          normalized_artifact_url=normalized_artifact_url,
          signature=signature,
          public_key_file=args.public_key_file,
      )
Example #2
0
 def _ReadFileOrStdin(self, path, max_bytes):
     data = files.GetFileOrStdinContents(path, binary=True)
     if len(data) > max_bytes:
         raise exceptions.BadFileException(
             'The file [{0}] is larger than the maximum size of {1} bytes.'.
             format(path, max_bytes))
     return data
Example #3
0
def _IsJsonFile(filename):
    """Check and validate if given filename is proper json file."""
    content = files.GetFileOrStdinContents(filename, binary=True)
    try:
        return json.loads(content), True
    except ValueError as e:
        if filename.endswith('.json'):
            raise auth_service_account.BadCredentialFileException(
                'Could not read json file {0}: {1}'.format(filename, e))
    return content, False
Example #4
0
  def FromFile(cls, fname, allow_rsa_encrypted):
    """FromFile loads a CsekKeyStore from a file.

    Args:
      fname: str, the name of a file intended to contain a well-formed key file
      allow_rsa_encrypted: bool, whether to allow keys of type 'rsa-encrypted'

    Returns:
      A CsekKeyStore, if found

    Raises:
      googlecloudsdk.core.util.files.Error: If the file cannot be read or is
                                            larger than max_bytes.
    """

    content = files.GetFileOrStdinContents(fname)

    return cls(content, allow_rsa_encrypted)
Example #5
0
 def Run(self, args):
     project_ref = resources.REGISTRY.Parse(
         properties.VALUES.core.project.Get(required=True),
         collection='cloudresourcemanager.projects')
     normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl(
         args.artifact_url)
     public_key = files.GetFileContents(args.public_key_file)
     signature = files.GetFileOrStdinContents(args.signature_file)
     note_id = binauthz_command_util.NoteId(normalized_artifact_url,
                                            public_key, signature)
     provider_ref = binauthz_command_util.CreateProviderRefFromProjectRef(
         project_ref)
     provider_note_ref = binauthz_command_util.ParseProviderNote(
         note_id=note_id, provider_ref=provider_ref)
     return binauthz_api_util.ContainerAnalysisClient().PutSignature(
         occurrence_project_ref=project_ref,
         provider_ref=provider_ref,
         provider_note_ref=provider_note_ref,
         note_id=note_id,
         artifact_url=normalized_artifact_url,
         public_key=public_key,
         signature=signature)
Example #6
0
def _ParsePayloadArgs(args):
    if args.IsSpecified('payload_file'):
        return files.GetFileOrStdinContents(args.payload_file, binary=False)
    elif args.IsSpecified('payload_content'):
        return args.payload_content