def Run(self, args): project_ref = resources.REGISTRY.Parse( properties.VALUES.core.project.Get(required=True), collection='cloudresourcemanager.projects', ) normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) signature = files.GetFileOrStdinContents(args.signature_file) if args.attestation_authority_note: client = binauthz_api_util.ContainerAnalysisClient() return client.CreateAttestationOccurrence( project_ref=project_ref, note_ref=args.CONCEPTS.attestation_authority_note.Parse(), artifact_url=normalized_artifact_url, pgp_key_fingerprint=args.pgp_key_fingerprint, signature=signature, ) else: return self.CreateLegacyAttestation( project_ref=project_ref, normalized_artifact_url=normalized_artifact_url, signature=signature, public_key_file=args.public_key_file, )
def Run(self, args): normalized_artifact_url = None if args.artifact_url: normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) note_ref = args.CONCEPTS.attestation_authority_note.Parse() if note_ref is None: authority_ref = args.CONCEPTS.attestation_authority.Parse() api_version = apis.GetApiVersion(self.ReleaseTrack()) authority = authorities.Client(api_version).Get(authority_ref) # TODO(b/79709480): Add other types of authorities if/when supported. note_ref = resources.REGISTRY.ParseResourceId( 'containeranalysis.projects.notes', authority.userOwnedDrydockNote.noteReference, {}) client = binauthz_api_util.ContainerAnalysisClient() if normalized_artifact_url: return client.YieldPgpKeyFingerprintsAndSignatures( note_ref=note_ref, artifact_url=normalized_artifact_url, ) else: return client.YieldUrlsWithOccurrences(note_ref)
def Run(self, args): project_ref = resources.REGISTRY.Parse( properties.VALUES.core.project.Get(required=True), collection='cloudresourcemanager.projects', ) normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) signature = console_io.ReadFromFileOrStdin(args.signature_file, binary=False) attestor_ref = args.CONCEPTS.attestor.Parse() api_version = apis.GetApiVersion(self.ReleaseTrack()) attestor = authorities.Client(api_version).Get(attestor_ref) # TODO(b/79709480): Add other types of attestors if/when supported. note_ref = resources.REGISTRY.ParseResourceId( 'containeranalysis.projects.notes', attestor.userOwnedDrydockNote.noteReference, {}) client = binauthz_api_util.ContainerAnalysisClient() return client.CreateAttestationOccurrence( project_ref=project_ref, note_ref=note_ref, artifact_url=normalized_artifact_url, pgp_key_fingerprint=args.pgp_key_fingerprint, signature=signature, )
def Run(self, args): project_ref = resources.REGISTRY.Parse( properties.VALUES.core.project.Get(required=True), collection='cloudresourcemanager.projects') container_analysis_client = binauthz_api_util.ContainerAnalysisClient() if args.artifact_url: normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) return container_analysis_client.YieldSignatures( project_ref=project_ref, artifact_url=normalized_artifact_url) else: return container_analysis_client.YieldUrlsWithOccurrences( project_ref)
def Run(self, args): normalized_artifact_url = None if args.artifact_url: normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) attestation_authority_note_ref = ( args.CONCEPTS.attestation_authority_note.Parse()) client = binauthz_api_util.ContainerAnalysisClient() if normalized_artifact_url: return client.YieldPgpKeyFingerprintsAndSignatures( note_ref=attestation_authority_note_ref, artifact_url=normalized_artifact_url, ) else: return client.YieldUrlsWithOccurrences(attestation_authority_note_ref)
def Run(self, args): project_ref = resources.REGISTRY.Parse( properties.VALUES.core.project.Get(required=True), collection='cloudresourcemanager.projects') normalized_artifact_url = binauthz_command_util.NormalizeArtifactUrl( args.artifact_url) public_key = files.GetFileContents(args.public_key_file) signature = files.GetFileOrStdinContents(args.signature_file) note_id = binauthz_command_util.NoteId(normalized_artifact_url, public_key, signature) provider_ref = binauthz_command_util.CreateProviderRefFromProjectRef( project_ref) provider_note_ref = binauthz_command_util.ParseProviderNote( note_id=note_id, provider_ref=provider_ref) return binauthz_api_util.ContainerAnalysisClient().PutSignature( occurrence_project_ref=project_ref, provider_ref=provider_ref, provider_note_ref=provider_note_ref, note_id=note_id, artifact_url=normalized_artifact_url, public_key=public_key, signature=signature)