Class: Google::Apis::ContaineranalysisV1alpha1::BuildSignature

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/containeranalysis_v1alpha1/classes.rb,
generated/google/apis/containeranalysis_v1alpha1/representations.rb,
generated/google/apis/containeranalysis_v1alpha1/representations.rb

Overview

Message encapsulating the signature of the verified build.

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Google::Apis::Core::JsonObjectSupport

#to_json

Methods included from Google::Apis::Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ BuildSignature

Returns a new instance of BuildSignature.


422
423
424
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 422

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#key_idString

An Id for the key used to sign. This could be either an Id for the key stored in public_key (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property keyId

Returns:

  • (String)

396
397
398
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 396

def key_id
  @key_id
end

#key_typeString

The type of the key, either stored in public_key or referenced in key_id Corresponds to the JSON property keyType

Returns:

  • (String)

401
402
403
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 401

def key_type
  @key_type
end

#public_keyString

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem - signature signature.bin signed.bin Corresponds to the JSON property publicKey

Returns:

  • (String)

415
416
417
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 415

def public_key
  @public_key
end

#signatureString

Signature of the related BuildProvenance, encoded in a base64 string. Corresponds to the JSON property signature

Returns:

  • (String)

420
421
422
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 420

def signature
  @signature
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object


427
428
429
430
431
432
# File 'generated/google/apis/containeranalysis_v1alpha1/classes.rb', line 427

def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end