Class: Google::Apis::ContaineranalysisV1beta1::BuildSignature

Inherits:

Object

• Object
• Google::Apis::ContaineranalysisV1beta1::BuildSignature

Includes:

Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:

lib/google/apis/containeranalysis_v1beta1/classes.rb,
lib/google/apis/containeranalysis_v1beta1/representations.rb,
lib/google/apis/containeranalysis_v1beta1/representations.rb

Overview

Message encapsulating the signature of the verified build.

Instance Attribute Summary

• #key_id ⇒ String

  An ID for the key used to sign.

• #key_type ⇒ String

  The type of the key, either stored in public_key or referenced in key_id.

• #public_key ⇒ String

  Public key of the builder which can be used to verify that the related findings are valid and unchanged.

• #signature ⇒ String

  Required.

Instance Method Summary

• #initialize(**args) ⇒ BuildSignature constructor

  A new instance of BuildSignature.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ BuildSignature

Returns a new instance of BuildSignature.

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 721

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#key_id ⇒ String

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property keyId

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 693

def key_id
  @key_id
end

#key_type ⇒ String

The type of the key, either stored in public_key or referenced in key_id. Corresponds to the JSON property keyType

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 698

def key_type
  @key_type
end

#public_key ⇒ String

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys. This field may be empty if key_id references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem - signature signature.bin signed.bin Corresponds to the JSON property publicKey

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 712

def public_key
  @public_key
end

#signature ⇒ String

Required. Signature of the related BuildProvenance. In JSON, this is base-64 encoded. Corresponds to the JSON property signature NOTE: Values are automatically base64 encoded/decoded in the client library.

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 719

def signature
  @signature
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 726

def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end