Class: Google::Apis::ContaineranalysisV1alpha1::BuildSignature

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
lib/google/apis/containeranalysis_v1alpha1/classes.rb,
lib/google/apis/containeranalysis_v1alpha1/representations.rb,
lib/google/apis/containeranalysis_v1alpha1/representations.rb

Overview

Message encapsulating the signature of the verified build.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ BuildSignature

Returns a new instance of BuildSignature.



638
639
640
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 638

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#key_idString

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property keyId

Returns:

  • (String)


612
613
614
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 612

def key_id
  @key_id
end

#key_typeString

The type of the key, either stored in public_key or referenced in key_id Corresponds to the JSON property keyType

Returns:

  • (String)


617
618
619
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 617

def key_type
  @key_type
end

#public_keyString

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem - signature signature.bin signed.bin Corresponds to the JSON property publicKey

Returns:

  • (String)


631
632
633
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 631

def public_key
  @public_key
end

#signatureString

Signature of the related BuildProvenance, encoded in a base64 string. Corresponds to the JSON property signature

Returns:

  • (String)


636
637
638
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 636

def signature
  @signature
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



643
644
645
646
647
648
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 643

def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end