Class: Google::Apis::ContaineranalysisV1beta1::BuildSignature

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/containeranalysis_v1beta1/classes.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb

Overview

Message encapsulating the signature of the verified build.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ BuildSignature

Returns a new instance of BuildSignature.



527
528
529
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 527

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#key_idString

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property keyId

Returns:

  • (String)


499
500
501
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 499

def key_id
  @key_id
end

#key_typeString

The type of the key, either stored in public_key or referenced in key_id. Corresponds to the JSON property keyType

Returns:

  • (String)


504
505
506
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 504

def key_type
  @key_type
end

#public_keyString

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem - signature signature.bin signed.bin Corresponds to the JSON property publicKey

Returns:

  • (String)


518
519
520
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 518

def public_key
  @public_key
end

#signatureString

Required. Signature of the related BuildProvenance. In JSON, this is base-64 encoded. Corresponds to the JSON property signature NOTE: Values are automatically base64 encoded/decoded in the client library.

Returns:

  • (String)


525
526
527
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 525

def signature
  @signature
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



532
533
534
535
536
537
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 532

def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end