def Run(self, args): project_ref = resources.REGISTRY.Parse( properties.VALUES.core.project.Get(required=True), collection='cloudresourcemanager.projects', ) normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) signature = console_io.ReadFromFileOrStdin(args.signature_file, binary=False) attestor_ref = args.CONCEPTS.attestor.Parse() api_version = apis.GetApiVersion(self.ReleaseTrack()) attestor = authorities.Client(api_version).Get(attestor_ref) # TODO(b/79709480): Add other types of attestors if/when supported. note_ref = resources.REGISTRY.ParseResourceId( 'containeranalysis.projects.notes', attestor.userOwnedDrydockNote.noteReference, {}) client = binauthz_api_util.ContainerAnalysisClient() return client.CreateAttestationOccurrence( project_ref=project_ref, note_ref=note_ref, artifact_url=normalized_artifact_url, pgp_key_fingerprint=args.pgp_key_fingerprint, signature=signature, )
def Run(self, args): normalized_artifact_url = None if args.artifact_url: normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) note_ref = args.CONCEPTS.attestation_authority_note.Parse() if note_ref is None: authority_ref = args.CONCEPTS.attestation_authority.Parse() api_version = apis.GetApiVersion(self.ReleaseTrack()) authority = authorities.Client(api_version).Get(authority_ref) # TODO(b/79709480): Add other types of authorities if/when supported. note_ref = resources.REGISTRY.ParseResourceId( 'containeranalysis.projects.notes', authority.userOwnedDrydockNote.noteReference, {}) client = binauthz_api_util.ContainerAnalysisClient() if normalized_artifact_url: return client.YieldPgpKeyFingerprintsAndSignatures( note_ref=note_ref, artifact_url=normalized_artifact_url, ) else: return client.YieldUrlsWithOccurrences(note_ref)
def Run(self, args): attestors_client = authorities.Client(apis.V1_BETA1) attestor_ref = args.CONCEPTS.attestor.Parse() attestors_client.RemoveKey( attestor_ref, fingerprint_to_remove=args.public_key_fingerprint)
def Run(self, args): authorities_client = authorities.Client() authority_ref = args.CONCEPTS.authority.Parse() authorities_client.RemoveKey( authority_ref, fingerprint_to_remove=args.public_key_fingerprint)
def Run(self, args): authorities_client = authorities.Client() authority_ref = args.CONCEPTS.authority.Parse() # TODO(b/71700164): Validate the contents of the public key file. return authorities_client.AddKey(authority_ref, args.public_key_file, args.comment)
def Run(self, args): attestors_client = authorities.Client(apis.V1_BETA1) attestor_ref = args.CONCEPTS.attestor.Parse() # TODO(b/71700164): Validate the contents of the public key file. return attestors_client.AddKey(attestor_ref, args.public_key_file, args.comment)
def Run(self, args): attestor_ref = args.CONCEPTS.attestor.Parse() return authorities.Client(apis.V1_BETA1).Update( attestor_ref, description=args.description)
def Run(self, args): attestor_ref = args.CONCEPTS.attestor.Parse() return authorities.Client(apis.V1_BETA1).Get(attestor_ref)
def Run(self, args): authority_ref = args.CONCEPTS.authority.Parse() note_ref = args.CONCEPTS.authority_note.Parse() # TODO(b/74193183): Add a comment option. return authorities.Client().Create(authority_ref, note_ref)
def Run(self, args): return authorities.Client().List(util.GetProjectRef())
def Run(self, args): authority_ref = args.CONCEPTS.authority.Parse() return authorities.Client().Delete(authority_ref)
def Run(self, args): authority_ref = args.CONCEPTS.authority.Parse() return authorities.Client().Update(authority_ref, description=args.description)
def Run(self, args): attestor_ref = args.CONCEPTS.attestor.Parse() note_ref = args.CONCEPTS.attestation_authority_note.Parse() return authorities.Client(apis.V1_BETA1).Create( attestor_ref, note_ref, description=args.description)
def Run(self, args): return authorities.Client(apis.V1_BETA1).List(util.GetProjectRef())