Class: Google::Apis::ContaineranalysisV1beta1::BuildSignature

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/containeranalysis_v1beta1/classes.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb

Overview

Message encapsulating the signature of the verified build.

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Google::Apis::Core::JsonObjectSupport

#to_json

Methods included from Google::Apis::Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ BuildSignature

Returns a new instance of BuildSignature.


526
527
528
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 526

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#key_idString

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property keyId

Returns:

  • (String)

498
499
500
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 498

def key_id
  @key_id
end

#key_typeString

The type of the key, either stored in public_key or referenced in key_id. Corresponds to the JSON property keyType

Returns:

  • (String)

503
504
505
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 503

def key_type
  @key_type
end

#public_keyString

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem - signature signature.bin signed.bin Corresponds to the JSON property publicKey

Returns:

  • (String)

517
518
519
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 517

def public_key
  @public_key
end

#signatureString

Required. Signature of the related BuildProvenance. In JSON, this is base-64 encoded. Corresponds to the JSON property signature NOTE: Values are automatically base64 encoded/decoded in the client library.

Returns:

  • (String)

524
525
526
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 524

def signature
  @signature
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object


531
532
533
534
535
536
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 531

def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end