The digests.yaml includes digests (cryptographic hashes) of select artifacts within the CASE specification. Specifically, the artifacts that are not part of the canonical JSON representation of the CASE. This includes:
- License files
- Inventory Resource Files
- Inventory Resource References
The digests.yaml has the following attributes:
digests: The digests available to the CASE inventory item actions.metadata: Describes the digests. See CASE Metadata for details.digestDefs: The role definition objects.readme: The digest of the CASEREADME.mdfile.digest: The digest for the README.size: The README size.skip: If true, skip this entry when evaluating the digest.
inventory: The inventory items.<Inventory Item>: The name of the inventory item.readme: The readme.md file.digest: The digest for the README.size: The README size.skip: If true, skip this entry when evaluating the digest.
resources: A list of resourcesresourceDefs: The resource resolvers.cases: Array of digest objects for referenced casesdigest: A CASE archive digest.size: The CASE archive size.skip: If true, skip this entry when evaluating the digest.
files: Array of digest objects for referenced files.digest: Array of digest strings.size: The file size.skip: If true, skip this entry when evaluating the digest.
helmCharts: Array of digest objects for referenced Helm chartsdigest: Array of digest strings.size: The Helm Archive size.skip: If true, skip this entry when evaluating the digest.
containerImages: Array of digest objects for referenced container imagesdigest: Array of digest strings.skip: If true, skip this entry when evaluating the digest.
licenses: The main license.digest: The digest of the license file.size: The file size.skip: If true, skip this entry when evaluating the digest.
case: The non-file elements of the CASE.digest: The digest of the canonical representation of the case.size: The size of the canonical representation of the case.skip: If true, skip this entry when evaluating the digest.
licenses: The licenses.<License Item>: The key of the license item.digest: The digest of the license file.size: The file size.skip: If true, skip this entry when evaluating the digest.
Each resource digest is in the following format described in the OCI Digest specification:
digest ::= algorithm ":" encoded
algorithm ::= algorithm-component (algorithm-separator algorithm-component)*
algorithm-component ::= [a-z0-9]+
algorithm-separator ::= [+._-]
encoded ::= [a-zA-Z0-9=_-]+
Supported algorithms include:
sha256: a collision-resistant hash function, chosen for ubiquity, reasonable size and secure characteristics. Implementations MUST implement SHA-256 digest verification for use in descriptors. The encoded portion MUST match /[a-f0-9]{64}/. Note that [A-F] MUST NOT be used here.