Google Git
Sign in
fuchsia / infra / infra / fead80b0fa75f984d75afcde5f9033797cd4d534
commitfead80b0fa75f984d75afcde5f9033797cd4d534[log] [tgz]
authorChris Lewis <cflewis@google.com>Thu Sep 14 23:57:56 2023 +0000
committerCQ Bot <fuchsia-internal-scoped@luci-project-accounts.iam.gserviceaccount.com>Thu Sep 14 23:57:56 2023 +0000
treec4ebae77066c22df78363c21764ae67a536c1d56
parent1809927d7e58752434cf05b0746303882dfd0920 [diff]
[rw] Add ability to generate in-toto statements

in-toto statements are the input to the attestation tool that define
what was made, and how it was made. This change adds the ability to
generate such an input. Given a name and a file, a sha256 is generated
and added to an otherwise standard statement. Eventually the statement
will need to be built out to include things like envvars, but that
doesn't need to happen here.

Bug: b/295932544


Change-Id: Id613f4f6b0a3b8d18e1b2c76b60030adbda4ad43
Reviewed-on: https://fuchsia-review.googlesource.com/c/infra/infra/+/913157
Reviewed-by: Anthony Fandrianto <atyfto@google.com>
Commit-Queue: Chris Lewis <cflewis@google.com>
3 files changed
tree: c4ebae77066c22df78363c21764ae67a536c1d56
  1. artifacts/
  2. buildbucket/
  3. checkout/
  4. cmd/
  5. execution/
  6. flagutil/
  7. functools/
  8. gerrit/
  9. gitiles/
  10. monorail/
  11. rpcutil/
  12. scripts/
  13. third_party/
  14. vendor/
  15. .gitignore
  16. AUTHORS
  17. go.mod
  18. go.sum
  19. LICENSE
  20. manifest
  21. PATENTS
  22. README.md
README.md

infra

This repo contains tools and config files necessary to run infrastructure related to builds, code review, version control, and continuous integrations.