[rw] Add ability to generate in-toto statements

in-toto statements are the input to the attestation tool that define
what was made, and how it was made. This change adds the ability to
generate such an input. Given a name and a file, a sha256 is generated
and added to an otherwise standard statement. Eventually the statement
will need to be built out to include things like envvars, but that
doesn't need to happen here.

Bug: b/295932544


Change-Id: Id613f4f6b0a3b8d18e1b2c76b60030adbda4ad43
Reviewed-on: https://fuchsia-review.googlesource.com/c/infra/infra/+/913157
Reviewed-by: Anthony Fandrianto <atyfto@google.com>
Commit-Queue: Chris Lewis <cflewis@google.com>
3 files changed
tree: c4ebae77066c22df78363c21764ae67a536c1d56
  1. artifacts/
  2. buildbucket/
  3. checkout/
  4. cmd/
  5. execution/
  6. flagutil/
  7. functools/
  8. gerrit/
  9. gitiles/
  10. monorail/
  11. rpcutil/
  12. scripts/
  13. third_party/
  14. vendor/
  15. .gitignore
  16. AUTHORS
  17. go.mod
  18. go.sum
  19. LICENSE
  20. manifest
  21. PATENTS
  22. README.md
README.md

infra

This repo contains tools and config files necessary to run infrastructure related to builds, code review, version control, and continuous integrations.