VerificationRule class

Specifies verification rules for evaluating the SLSA attestations including: which builders to trust, where to fetch the SLSA attestations generated by those builders, and other builder-specific evaluation rules such as which source repositories are trusted.

An image is considered verified by the rule if any of the fetched SLSA attestations is verified.

Constructors

VerificationRule({AttestationSource? attestationSource, bool? configBasedBuildRequired, String? trustedBuilder, List<String>? trustedSourceRepoPatterns})

VerificationRule.fromJson(Map json_)

Properties

attestationSource ↔ AttestationSource?

Specifies where to fetch the provenances attestations generated by the builder (group).

getter/setter pair

configBasedBuildRequired ↔ bool?

If true, require the image to be built from a top-level configuration.

getter/setter pair

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

trustedBuilder ↔ String?

Each verification rule is used for evaluation against provenances generated by a specific builder (group).

getter/setter pair

trustedSourceRepoPatterns ↔ List<String>?

List of trusted source code repository URL patterns.

getter/setter pair

Methods

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toJson() → Map<String, dynamic>

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited