Module: SupplyChain

Defined in:: lib/supply_chain.rb,
lib/supply_chain/artifacts_reader.rb,
app/models/supply_chain/attestation.rb,
app/uploaders/supply_chain/attestation_uploader.rb,
app/models/supply_chain/slsa/resource_descriptor.rb,
app/models/supply_chain/slsa/provenance_statement.rb

Defined Under Namespace

Modules: Slsa Classes: ArtifactsReader, Attestation, AttestationUploader

Constant Summary collapse

ATTEST_BUILD_CI_VARIABLE =

"ATTEST_BUILD_ARTIFACTS"

ATTEST_BUILD_STAGE_NAME =

"build"

Class Method Summary collapse

.publish_provenance_for_build?(build) ⇒ Boolean

Class Method Details

.publish_provenance_for_build?(build) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/supply_chain.rb', line 8

def publish_provenance_for_build?(build)
  Feature.enabled?(:slsa_provenance_statement, build.project) &&
    build.project.public? &&
    build.stage_name == ATTEST_BUILD_STAGE_NAME &&
    build.yaml_variables.any? { |variable| variable[:key] == ATTEST_BUILD_CI_VARIABLE } &&
    build.artifacts?
end