Class: Google::Apis::ContaineranalysisV1alpha1::BuildSignature
- Inherits:
-
Object
- Object
- Google::Apis::ContaineranalysisV1alpha1::BuildSignature
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- lib/google/apis/containeranalysis_v1alpha1/classes.rb,
lib/google/apis/containeranalysis_v1alpha1/representations.rb,
lib/google/apis/containeranalysis_v1alpha1/representations.rb
Overview
Message encapsulating the signature of the verified build.
Instance Attribute Summary collapse
-
#key_id ⇒ String
An Id for the key used to sign.
-
#key_type ⇒ String
The type of the key, either stored in
public_key
or referenced inkey_id
Corresponds to the JSON propertykeyType
. -
#public_key ⇒ String
Public key of the builder which can be used to verify that the related findings are valid and unchanged.
-
#signature ⇒ String
Signature of the related
BuildProvenance
, encoded in a base64 string.
Instance Method Summary collapse
-
#initialize(**args) ⇒ BuildSignature
constructor
A new instance of BuildSignature.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ BuildSignature
Returns a new instance of BuildSignature.
638 639 640 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 638 def initialize(**args) update!(**args) end |
Instance Attribute Details
#key_id ⇒ String
An Id for the key used to sign. This could be either an Id for the key stored
in public_key
(such as the Id or fingerprint for a PGP key, or the CN for a
cert), or a reference to an external key (such as a reference to a key in
Cloud Key Management Service).
Corresponds to the JSON property keyId
612 613 614 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 612 def key_id @key_id end |
#key_type ⇒ String
The type of the key, either stored in public_key
or referenced in key_id
Corresponds to the JSON property keyType
617 618 619 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 617 def key_type @key_type end |
#public_key ⇒ String
Public key of the builder which can be used to verify that the related
findings are valid and unchanged. If key_type
is empty, this defaults to PEM
encoded public keys. This field may be empty if key_id
references an
external key. For Cloud Build based signatures, this is a PEM encoded public
key. To verify the Cloud Build signature, place the contents of this field
into a file (public.pem). The signature field is base64-decoded into its
binary representation in signature.bin, and the provenance bytes from
BuildDetails
are base64-decoded into a binary representation in signed.bin.
OpenSSL can then verify the signature: openssl sha256 -verify public.pem -
signature signature.bin signed.bin
Corresponds to the JSON property publicKey
631 632 633 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 631 def public_key @public_key end |
#signature ⇒ String
Signature of the related BuildProvenance
, encoded in a base64 string.
Corresponds to the JSON property signature
636 637 638 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 636 def signature @signature end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
643 644 645 646 647 648 |
# File 'lib/google/apis/containeranalysis_v1alpha1/classes.rb', line 643 def update!(**args) @key_id = args[:key_id] if args.key?(:key_id) @key_type = args[:key_type] if args.key?(:key_type) @public_key = args[:public_key] if args.key?(:public_key) @signature = args[:signature] if args.key?(:signature) end |