/
cosign.go
72 lines (63 loc) · 1.7 KB
/
cosign.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
package installpackage
import (
"context"
"fmt"
"sync"
"github.com/aquaproj/aqua/v2/pkg/checksum"
"github.com/aquaproj/aqua/v2/pkg/config"
"github.com/aquaproj/aqua/v2/pkg/config/aqua"
"github.com/aquaproj/aqua/v2/pkg/config/registry"
"github.com/aquaproj/aqua/v2/pkg/cosign"
"github.com/sirupsen/logrus"
)
type Cosign struct {
installer *Installer
mutex *sync.Mutex
}
func (c *Cosign) installCosign(ctx context.Context, logE *logrus.Entry, version string) error {
c.mutex.Lock()
defer c.mutex.Unlock()
pkg := &config.Package{
Package: &aqua.Package{
Name: "sigstore/cosign",
Version: version,
},
PackageInfo: ®istry.PackageInfo{
Type: "github_release",
RepoOwner: "sigstore",
RepoName: "cosign",
Asset: "cosign-{{.OS}}-{{.Arch}}",
SupportedEnvs: []string{
"darwin",
"linux",
"amd64",
},
},
}
chksum := cosign.Checksums()[c.installer.runtime.Env()]
pkgInfo, err := pkg.PackageInfo.Override(logE, pkg.Package.Version, c.installer.runtime)
if err != nil {
return fmt.Errorf("evaluate version constraints: %w", err)
}
supported, err := pkgInfo.CheckSupported(c.installer.runtime, c.installer.runtime.Env())
if err != nil {
return fmt.Errorf("check if cosign is supported: %w", err)
}
if !supported {
logE.Debug("the package isn't supported on this environment")
return nil
}
pkg.PackageInfo = pkgInfo
if err := c.installer.InstallPackage(ctx, logE, &ParamInstallPackage{
Checksums: checksum.New(), // Check cosign's checksum but not update aqua-checksums.json
Pkg: pkg,
Checksum: &checksum.Checksum{
Algorithm: "sha256",
Checksum: chksum,
},
DisablePolicy: true,
}); err != nil {
return err
}
return nil
}