Class: Google::Apis::ContaineranalysisV1beta1::BuildSignature
- Inherits:
-
Object
- Object
- Google::Apis::ContaineranalysisV1beta1::BuildSignature
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- generated/google/apis/containeranalysis_v1beta1/classes.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb
Overview
Message encapsulating the signature of the verified build.
Instance Attribute Summary collapse
-
#key_id ⇒ String
An ID for the key used to sign.
-
#key_type ⇒ String
The type of the key, either stored in
public_key
or referenced inkey_id
. -
#public_key ⇒ String
Public key of the builder which can be used to verify that the related findings are valid and unchanged.
-
#signature ⇒ String
Required.
Instance Method Summary collapse
-
#initialize(**args) ⇒ BuildSignature
constructor
A new instance of BuildSignature.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ BuildSignature
Returns a new instance of BuildSignature.
527 528 529 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 527 def initialize(**args) update!(**args) end |
Instance Attribute Details
#key_id ⇒ String
An ID for the key used to sign. This could be either an ID for the key stored
in public_key
(such as the ID or fingerprint for a PGP key, or the CN for a
cert), or a reference to an external key (such as a reference to a key in
Cloud Key Management Service).
Corresponds to the JSON property keyId
499 500 501 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 499 def key_id @key_id end |
#key_type ⇒ String
The type of the key, either stored in public_key
or referenced in key_id
.
Corresponds to the JSON property keyType
504 505 506 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 504 def key_type @key_type end |
#public_key ⇒ String
Public key of the builder which can be used to verify that the related
findings are valid and unchanged. If key_type
is empty, this defaults to PEM
encoded public keys. This field may be empty if key_id
references an
external key. For Cloud Build based signatures, this is a PEM encoded public
key. To verify the Cloud Build signature, place the contents of this field
into a file (public.pem). The signature field is base64-decoded into its
binary representation in signature.bin, and the provenance bytes from
BuildDetails
are base64-decoded into a binary representation in signed.bin.
OpenSSL can then verify the signature: openssl sha256 -verify public.pem -
signature signature.bin signed.bin
Corresponds to the JSON property publicKey
518 519 520 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 518 def public_key @public_key end |
#signature ⇒ String
Required. Signature of the related BuildProvenance
. In JSON, this is base-64
encoded.
Corresponds to the JSON property signature
NOTE: Values are automatically base64 encoded/decoded in the client library.
525 526 527 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 525 def signature @signature end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
532 533 534 535 536 537 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 532 def update!(**args) @key_id = args[:key_id] if args.key?(:key_id) @key_type = args[:key_type] if args.key?(:key_type) @public_key = args[:public_key] if args.key?(:public_key) @signature = args[:signature] if args.key?(:signature) end |