Documentation
¶
Overview ¶
Package registry provides configuration structures and utilities for managing package information, including package definitions, verification configurations, version handling, platform support, and registry caching.
This package contains the core types used by aqua for: - Package metadata and definitions - Checksum, signing, and verification configurations - Version constraints and overrides - Platform support definitions - Registry configuration and caching
Index ¶
- Constants
- type Alias
- type Build
- type Cache
- type Cargo
- type Checksum
- type ChecksumPattern
- type Config
- type Cosign
- type DownloadedFile
- type File
- type FormatOverride
- type FormatOverrides
- type GitHubArtifactAttestations
- type GitHubReleaseAttestation
- type Minisign
- type Override
- type Overrides
- type PackageInfo
- func (p *PackageInfo) CheckSupported(rt *runtime.Runtime, env string) (bool, error)
- func (p *PackageInfo) CheckSupportedEnvs(goos, goarch, env string) bool
- func (p *PackageInfo) Copy() *PackageInfo
- func (p *PackageInfo) GetAppendExt() bool
- func (p *PackageInfo) GetChecksumReplacements() Replacements
- func (p *PackageInfo) GetFiles() []*File
- func (p *PackageInfo) GetFormat() string
- func (p *PackageInfo) GetLink() string
- func (p *PackageInfo) GetName() string
- func (p *PackageInfo) GetPath() string
- func (p *PackageInfo) HasRepo() bool
- func (p *PackageInfo) MaybeHasCommand(exeName string) bool
- func (p *PackageInfo) Override(logger *slog.Logger, v string, rt *runtime.Runtime) (*PackageInfo, error)
- func (p *PackageInfo) OverrideByBuild()
- func (p *PackageInfo) OverrideByRuntime(rt *runtime.Runtime)
- func (p *PackageInfo) PkgPaths() map[string]struct{}
- func (p *PackageInfo) SLSASourceURI() string
- func (p *PackageInfo) SetVersion(logger *slog.Logger, v string) (*PackageInfo, error)
- func (p *PackageInfo) Validate() error
- type PackageInfos
- type Replacements
- type SLSAProvenance
- type SupportedEnvs
- type Var
- type VersionOverride
Constants ¶
const ( // PkgInfoTypeGitHubRelease installs packages from GitHub release assets. PkgInfoTypeGitHubRelease = "github_release" // PkgInfoTypeGitHubContent installs packages from specific files in GitHub repositories. PkgInfoTypeGitHubContent = "github_content" // PkgInfoTypeGitHubArchive installs packages from GitHub repository archives. PkgInfoTypeGitHubArchive = "github_archive" // PkgInfoTypeHTTP installs packages from arbitrary HTTP URLs. PkgInfoTypeHTTP = "http" // PkgInfoTypeGoInstall installs Go packages using 'go install'. PkgInfoTypeGoInstall = "go_install" // PkgInfoTypeGoBuild builds Go packages from source using 'go build'. PkgInfoTypeGoBuild = "go_build" // PkgInfoTypeCargo installs Rust packages from crates.io using cargo. PkgInfoTypeCargo = "cargo" )
Package type constants define the supported package installation methods.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Alias ¶
type Alias struct {
// Name is the alternative name for the package.
Name string `json:"name"`
}
Alias represents an alternative name for a package. This allows packages to be referenced by multiple names.
type Build ¶ added in v2.13.0
type Build struct {
// Enabled controls whether building from source is allowed.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// Type specifies the build method (go_install or go_build).
Type string `yaml:",omitempty" json:"type,omitempty" jsonschema:"enum=go_install,enum=go_build"`
// Path is the import path or directory for Go packages.
Path string `yaml:",omitempty" json:"path,omitempty"`
// Files specifies which files to install after building.
Files []*File `yaml:",omitempty" json:"files,omitempty"`
// ExcludedEnvs lists environments where building should be skipped.
ExcludedEnvs SupportedEnvs `yaml:"excluded_envs,omitempty" json:"excluded_envs,omitempty"`
}
Build defines configuration for building packages from source code. This is used as a fallback when pre-built binaries are not available for the target platform.
func (*Build) CheckEnabled ¶ added in v2.13.0
CheckEnabled returns true if building from source is enabled for this package. If Enabled is nil, it defaults to true.
type Cache ¶ added in v2.50.1
type Cache struct {
// contains filtered or unexported fields
}
func (*Cache) Add ¶ added in v2.50.1
func (c *Cache) Add(rgPath string, pkgInfo *PackageInfo)
func (*Cache) Get ¶ added in v2.50.1
func (c *Cache) Get(rgPath, pkgName string) *PackageInfo
type Cargo ¶ added in v2.8.0
type Cargo struct {
// Features is a list of specific features to enable when installing.
Features []string `yaml:",omitempty" json:"features,omitempty"`
// AllFeatures enables all available features for the package.
AllFeatures bool `yaml:"all_features" json:"all_features,omitempty"`
// Locked uses the exact versions from Cargo.lock file.
Locked bool `yaml:",omitempty" json:"locked,omitempty"`
}
Cargo defines configuration options for installing Rust packages via Cargo. These options control how cargo install commands are executed.
type Checksum ¶
type Checksum struct {
// Type specifies where to download the checksum file from.
Type string `yaml:",omitempty" json:"type,omitempty" jsonschema:"enum=github_release,enum=http"`
// Asset is the name of the checksum file asset (for github_release type).
Asset string `yaml:",omitempty" json:"asset,omitempty"`
// URL is the direct URL to the checksum file (for http type).
URL string `yaml:",omitempty" json:"url,omitempty"`
// FileFormat specifies the format of the checksum file.
FileFormat string `yaml:"file_format,omitempty" json:"file_format,omitempty"`
// Algorithm specifies the hash algorithm used for checksums.
Algorithm string `yaml:",omitempty" json:"algorithm,omitempty" jsonschema:"enum=md5,enum=sha1,enum=sha256,enum=sha512"`
// Pattern defines how to extract checksums from the checksum file.
Pattern *ChecksumPattern `yaml:",omitempty" json:"pattern,omitempty"`
// Enabled controls whether checksum verification is active.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// Replacements provides template replacements for checksum URLs/assets.
Replacements Replacements `yaml:",omitempty" json:"replacements,omitempty"`
// Cosign configuration for signature verification of checksums.
Cosign *Cosign `yaml:",omitempty" json:"cosign,omitempty"`
// Minisign configuration for signature verification of checksums.
Minisign *Minisign `yaml:",omitempty" json:"minisign,omitempty"`
// GitHubArtifactAttestations configuration for GitHub artifact attestation verification.
GitHubArtifactAttestations *GitHubArtifactAttestations `yaml:"github_artifact_attestations,omitempty" json:"github_artifact_attestations,omitempty"`
}
Checksum defines configuration for verifying package integrity using checksums. It supports downloading checksum files from various sources and multiple hash algorithms.
func (*Checksum) GetAlgorithm ¶
GetAlgorithm returns the hash algorithm to use for checksum verification. If checksum is disabled, it returns "sha256" as a default.
func (*Checksum) GetCosign ¶
GetCosign returns the Cosign configuration for signature verification. It returns nil if the checksum is nil.
func (*Checksum) GetEnabled ¶
GetEnabled returns whether checksum verification is enabled. If Enabled is nil, it defaults to true.
func (*Checksum) GetGitHubArtifactAttestations ¶ added in v2.35.0
func (c *Checksum) GetGitHubArtifactAttestations() *GitHubArtifactAttestations
GetGitHubArtifactAttestations returns the GitHub artifact attestation configuration. It returns nil if the checksum is nil.
func (*Checksum) GetMinisign ¶ added in v2.34.0
GetMinisign returns the Minisign configuration for signature verification. It returns nil if the checksum is nil.
func (*Checksum) GetReplacements ¶
func (c *Checksum) GetReplacements() Replacements
GetReplacements returns the template replacements for this checksum configuration. It returns nil if the checksum is nil.
type ChecksumPattern ¶
type ChecksumPattern struct {
// Checksum is a regex pattern to extract the checksum value.
Checksum string `json:"checksum"`
// File is a regex pattern to extract the filename (optional).
File string `yaml:",omitempty" json:"file,omitempty"`
}
ChecksumPattern defines regular expression patterns for extracting checksums from checksum files. This is used when checksum files contain multiple checksums in a specific format.
type Config ¶
type Config struct {
// PackageInfos contains all package definitions in the registry.
PackageInfos PackageInfos `yaml:"packages" json:"packages"`
// contains filtered or unexported fields
}
Config represents a registry configuration containing package definitions. It provides methods to access packages by name with caching for performance.
type Cosign ¶
type Cosign struct {
// Enabled controls whether Cosign verification is active.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// Opts contains additional command-line options to pass to cosign verify.
Opts []string `yaml:",omitempty" json:"opts,omitempty"`
// Signature specifies where to download the signature file.
Signature *DownloadedFile `yaml:",omitempty" json:"signature,omitempty"`
// Certificate specifies where to download the certificate file.
Certificate *DownloadedFile `yaml:",omitempty" json:"certificate,omitempty"`
// Key specifies where to download the public key file.
Key *DownloadedFile `yaml:",omitempty" json:"key,omitempty"`
// Bundle specifies where to download the signature bundle.
Bundle *DownloadedFile `yaml:",omitempty" json:"bundle,omitempty"`
}
Cosign defines configuration for verifying packages using Cosign signature verification. Cosign is a tool for signing and verifying container images and other artifacts.
func (*Cosign) GetEnabled ¶
GetEnabled returns whether Cosign verification is enabled. If Enabled is nil, it's considered enabled if any verification files or options are configured.
type DownloadedFile ¶
type DownloadedFile struct {
// Type specifies the source type for downloading the file.
Type string `json:"type" jsonschema:"enum=github_release,enum=http"`
// RepoOwner is the GitHub repository owner (for github_release type).
RepoOwner string `yaml:"repo_owner,omitempty" json:"repo_owner,omitempty"`
// RepoName is the GitHub repository name (for github_release type).
RepoName string `yaml:"repo_name,omitempty" json:"repo_name,omitempty"`
// Asset is the name of the asset to download (for github_release type).
Asset *string `yaml:",omitempty" json:"asset,omitempty"`
// URL is the direct URL to download the file (for http type).
URL *string `yaml:",omitempty" json:"url,omitempty"`
}
DownloadedFile represents a file that can be downloaded from various sources. This is used for signature files, certificates, and other verification artifacts.
type File ¶
type File struct {
// Name is the name of the installed file.
Name string `yaml:",omitempty" json:"name,omitempty"`
// Src is the source path of the file within the package archive.
Src string `yaml:",omitempty" json:"src,omitempty"`
// Dir is the directory where the file should be installed.
Dir string `yaml:",omitempty" json:"dir,omitempty"`
// Link is the relative path from Src to the link target.
Link string `yaml:",omitempty" json:"link,omitempty"`
// Hard indicates whether to create a hard link instead of a symbolic link.
Hard bool `yaml:",omitempty" json:"hard,omitempty"`
}
File represents a file to be installed from a package. It defines the source file within the package and how it should be installed.
type FormatOverride ¶
type FormatOverride struct {
// GOOS specifies the target operating system for this format override.
GOOS string `` /* 199-byte string literal not displayed */
// Format specifies the archive format to use for this operating system.
Format string `yaml:",omitempty" json:"format" jsonschema:"example=tar.gz,example=raw,example=zip"`
}
FormatOverride allows specifying different archive formats for specific operating systems. This is useful when a package provides different archive formats for different platforms.
type FormatOverrides ¶
type FormatOverrides []*FormatOverride
FormatOverrides is a slice of platform-specific format overrides.
func (FormatOverrides) IsZero ¶
func (o FormatOverrides) IsZero() bool
IsZero implements the go.yaml.in/yaml/v3.IsZeroer interface. It returns true if the FormatOverrides slice is nil.
type GitHubArtifactAttestations ¶ added in v2.35.0
type GitHubArtifactAttestations struct {
// Enabled controls whether GitHub artifact attestation verification is active.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// PredicateType specifies the type of predicate to verify.
PredicateType string `yaml:"predicate_type,omitempty" json:"predicate_type,omitempty"`
// SignerWorkflow2 specifies the expected GitHub Actions workflow for signing.
// See https://github.com/aquaproj/aqua/issues/3581
SignerWorkflow2 string `yaml:"signer_workflow,omitempty" json:"signer_workflow,omitempty"`
// SignerWorkflow3 is the deprecated field name for signer workflow.
//
// Deprecated: Use SignerWorkflow2 instead. This will be removed in aqua v3.
SignerWorkflow3 string `yaml:"signer-workflow,omitempty" json:"signer-workflow,omitempty"`
}
GitHubArtifactAttestations defines configuration for GitHub artifact attestation verification. This uses GitHub's built-in attestation system for verifying build provenance and integrity.
func (*GitHubArtifactAttestations) GetEnabled ¶ added in v2.35.0
func (m *GitHubArtifactAttestations) GetEnabled() bool
GetEnabled returns whether GitHub artifact attestation verification is enabled. If Enabled is nil, it defaults to true.
func (*GitHubArtifactAttestations) SignerWorkflow ¶ added in v2.35.0
func (m *GitHubArtifactAttestations) SignerWorkflow() string
SignerWorkflow returns the configured signer workflow. It prefers SignerWorkflow2 over the deprecated SignerWorkflow3.
type GitHubReleaseAttestation ¶ added in v2.55.0
type GitHubReleaseAttestation struct {
Enabled *bool `json:"enabled,omitempty"`
}
func (*GitHubReleaseAttestation) GetEnabled ¶ added in v2.55.0
func (m *GitHubReleaseAttestation) GetEnabled() bool
type Minisign ¶ added in v2.31.0
type Minisign struct {
// Enabled controls whether Minisign verification is active.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// Type specifies where to download the signature file from.
Type string `yaml:",omitempty" json:"type,omitempty" jsonschema:"enum=github_release,enum=http"`
// RepoOwner is the GitHub repository owner (for github_release type).
RepoOwner string `yaml:"repo_owner,omitempty" json:"repo_owner,omitempty"`
// RepoName is the GitHub repository name (for github_release type).
RepoName string `yaml:"repo_name,omitempty" json:"repo_name,omitempty"`
// Asset is the name of the signature file asset (for github_release type).
Asset *string `yaml:",omitempty" json:"asset,omitempty"`
// URL is the direct URL to the signature file (for http type).
URL *string `yaml:",omitempty" json:"url,omitempty"`
// PublicKey is the base64-encoded public key for verification.
PublicKey string `yaml:"public_key,omitempty" json:"public_key,omitempty"`
}
Minisign defines configuration for verifying packages using Minisign signature verification. Minisign is a simple tool for signing files and verifying signatures.
func (*Minisign) GetEnabled ¶ added in v2.31.0
GetEnabled returns whether Minisign verification is enabled. If Enabled is nil, it defaults to true.
func (*Minisign) ToDownloadedFile ¶ added in v2.31.0
func (m *Minisign) ToDownloadedFile() *DownloadedFile
ToDownloadedFile converts the Minisign configuration to a DownloadedFile. This is used for downloading the signature file.
type Override ¶
type Override struct {
GOOS string `yaml:",omitempty" json:"goos,omitempty" jsonschema:"enum=darwin,enum=linux,enum=windows"`
GOArch string `yaml:",omitempty" json:"goarch,omitempty" jsonschema:"enum=amd64,enum=arm64"`
Type string `` /* 171-byte string literal not displayed */
Format string `yaml:",omitempty" json:"format,omitempty" jsonschema:"example=tar.gz,example=raw,example=zip"`
Asset string `yaml:",omitempty" json:"asset,omitempty"`
Crate string `yaml:",omitempty" json:"crate,omitempty"`
URL string `yaml:",omitempty" json:"url,omitempty"`
Path string `yaml:",omitempty" json:"path,omitempty"`
GoVersionPath *string `yaml:"go_version_path,omitempty" json:"go_version_path,omitempty"`
CompleteWindowsExt *bool `yaml:"complete_windows_ext,omitempty" json:"complete_windows_ext,omitempty"`
WindowsExt string `yaml:"windows_ext,omitempty" json:"windows_ext,omitempty"`
AppendExt *bool `yaml:"append_ext,omitempty" json:"append_ext,omitempty"`
Cargo *Cargo `yaml:",omitempty" json:"cargo,omitempty"`
Files []*File `yaml:",omitempty" json:"files,omitempty"`
Replacements Replacements `yaml:",omitempty" json:"replacements,omitempty"`
Checksum *Checksum `yaml:",omitempty" json:"checksum,omitempty"`
Cosign *Cosign `yaml:",omitempty" json:"cosign,omitempty"`
SLSAProvenance *SLSAProvenance `yaml:"slsa_provenance,omitempty" json:"slsa_provenance,omitempty"`
Minisign *Minisign `yaml:",omitempty" json:"minisign,omitempty"`
GitHubArtifactAttestations *GitHubArtifactAttestations `yaml:"github_artifact_attestations,omitempty" json:"github_artifact_attestations,omitempty"`
Vars []*Var `yaml:",omitempty" json:"vars,omitempty"`
Envs SupportedEnvs `yaml:",omitempty" json:"envs,omitempty"`
}
Override provides platform-specific package configuration that overrides the default settings when the specified OS/architecture conditions are met.
type Overrides ¶
type Overrides []*Override
Overrides is a slice of platform-specific configuration overrides.
func (Overrides) IsZero ¶
IsZero implements the go.yaml.in/yaml/v3.IsZeroer interface. It returns true if the Overrides slice is nil.
type PackageInfo ¶
type PackageInfo struct {
Name string `yaml:",omitempty" json:"name,omitempty"`
Aliases []*Alias `yaml:",omitempty" json:"aliases,omitempty"`
SearchWords []string `yaml:"search_words,omitempty" json:"search_words,omitempty"`
Type string `` /* 143-byte string literal not displayed */
RepoOwner string `yaml:"repo_owner,omitempty" json:"repo_owner,omitempty"`
RepoName string `yaml:"repo_name,omitempty" json:"repo_name,omitempty"`
Description string `yaml:",omitempty" json:"description,omitempty"`
Link string `yaml:",omitempty" json:"link,omitempty"`
Asset string `yaml:",omitempty" json:"asset,omitempty"`
Crate string `yaml:",omitempty" json:"crate,omitempty"`
URL string `yaml:",omitempty" json:"url,omitempty"`
Path string `yaml:",omitempty" json:"path,omitempty"`
Format string `yaml:",omitempty" json:"format,omitempty" jsonschema:"example=tar.gz,example=raw,example=zip,example=dmg"`
VersionFilter string `yaml:"version_filter,omitempty" json:"version_filter,omitempty"`
VersionPrefix string `yaml:"version_prefix,omitempty" json:"version_prefix,omitempty"`
GoVersionPath string `yaml:"go_version_path,omitempty" json:"go_version_path,omitempty"`
Rosetta2 bool `yaml:",omitempty" json:"rosetta2,omitempty"`
WindowsARMEmulation bool `yaml:"windows_arm_emulation,omitempty" json:"windows_arm_emulation,omitempty"`
NoAsset bool `yaml:"no_asset,omitempty" json:"no_asset,omitempty"`
VersionSource string `yaml:"version_source,omitempty" json:"version_source,omitempty" jsonschema:"enum=github_tag"`
CompleteWindowsExt *bool `yaml:"complete_windows_ext,omitempty" json:"complete_windows_ext,omitempty"`
WindowsExt string `yaml:"windows_ext,omitempty" json:"windows_ext,omitempty"`
Private bool `yaml:",omitempty" json:"private,omitempty"`
ErrorMessage string `yaml:"-" json:"-"`
AppendExt *bool `yaml:"append_ext,omitempty" json:"append_ext,omitempty"`
Cargo *Cargo `yaml:",omitempty" json:"cargo,omitempty"`
Build *Build `yaml:",omitempty" json:"build,omitempty"`
Overrides []*Override `yaml:",omitempty" json:"overrides,omitempty"`
FormatOverrides []*FormatOverride `yaml:"format_overrides,omitempty" json:"format_overrides,omitempty"`
Files []*File `yaml:",omitempty" json:"files,omitempty"`
Replacements Replacements `yaml:",omitempty" json:"replacements,omitempty"`
SupportedEnvs SupportedEnvs `yaml:"supported_envs,omitempty" json:"supported_envs,omitempty"`
Checksum *Checksum `yaml:",omitempty" json:"checksum,omitempty"`
Cosign *Cosign `yaml:",omitempty" json:"cosign,omitempty"`
SLSAProvenance *SLSAProvenance `yaml:"slsa_provenance,omitempty" json:"slsa_provenance,omitempty"`
Minisign *Minisign `yaml:",omitempty" json:"minisign,omitempty"`
GitHubArtifactAttestations *GitHubArtifactAttestations `yaml:"github_artifact_attestations,omitempty" json:"github_artifact_attestations,omitempty"`
GitHubImmutableRelease bool `yaml:"github_immutable_release,omitempty" json:"github_immutable_release,omitempty"`
Vars []*Var `yaml:",omitempty" json:"vars,omitempty"`
VersionConstraints string `yaml:"version_constraint,omitempty" json:"version_constraint,omitempty"`
VersionOverrides []*VersionOverride `yaml:"version_overrides,omitempty" json:"version_overrides,omitempty"`
}
PackageInfo represents a complete package definition including metadata, installation configuration, verification settings, and platform support. It contains all information needed to install and verify a package across different platforms and versions.
func (*PackageInfo) CheckSupported ¶
func (*PackageInfo) CheckSupportedEnvs ¶
func (p *PackageInfo) CheckSupportedEnvs(goos, goarch, env string) bool
func (*PackageInfo) Copy ¶
func (p *PackageInfo) Copy() *PackageInfo
Copy creates a deep copy of the PackageInfo struct. This is used when creating modified versions of a package for different platforms or versions.
func (*PackageInfo) GetAppendExt ¶ added in v2.13.0
func (p *PackageInfo) GetAppendExt() bool
GetAppendExt returns whether file extensions should be appended to installed binaries. If AppendExt is nil, it defaults to true.
func (*PackageInfo) GetChecksumReplacements ¶
func (p *PackageInfo) GetChecksumReplacements() Replacements
GetChecksumReplacements returns the effective replacements for checksum validation. It merges package-level replacements with checksum-specific replacements.
func (*PackageInfo) GetFiles ¶
func (p *PackageInfo) GetFiles() []*File
GetFiles returns the list of files to be installed. If no files are specified, it returns a default file based on the package name.
func (*PackageInfo) GetFormat ¶
func (p *PackageInfo) GetFormat() string
GetFormat returns the archive format for the package. Some package types have default formats that are returned if Format is not explicitly set.
func (*PackageInfo) GetLink ¶
func (p *PackageInfo) GetLink() string
GetLink returns the primary URL link for the package. It uses the Link field if set, otherwise derives it from repository information.
func (*PackageInfo) GetName ¶
func (p *PackageInfo) GetName() string
GetName returns the effective name of the package. It uses the Name field if set, otherwise derives it from repository or path information.
func (*PackageInfo) GetPath ¶
func (p *PackageInfo) GetPath() string
GetPath returns the effective import path or directory path for the package. For Go packages, this is used with 'go install' or 'go build'.
func (*PackageInfo) HasRepo ¶
func (p *PackageInfo) HasRepo() bool
HasRepo returns true if the package has both RepoOwner and RepoName set. This indicates the package is hosted on a Git repository (typically GitHub).
func (*PackageInfo) MaybeHasCommand ¶ added in v2.55.2
func (p *PackageInfo) MaybeHasCommand(exeName string) bool
MaybeHasCommand returns true if the given exe name can be in this package. This includes file lists that may only be used under specific versions or host platforms.
func (*PackageInfo) Override ¶
func (p *PackageInfo) Override(logger *slog.Logger, v string, rt *runtime.Runtime) (*PackageInfo, error)
func (*PackageInfo) OverrideByBuild ¶ added in v2.13.0
func (p *PackageInfo) OverrideByBuild()
OverrideByBuild applies build-specific configuration to the package. This modifies the package to use build settings when building from source.
func (*PackageInfo) OverrideByRuntime ¶
func (p *PackageInfo) OverrideByRuntime(rt *runtime.Runtime)
OverrideByRuntime applies platform-specific overrides based on the runtime environment. It modifies the PackageInfo in-place to use platform-specific settings when available.
func (*PackageInfo) PkgPaths ¶ added in v2.33.0
func (p *PackageInfo) PkgPaths() map[string]struct{}
PkgPaths returns all possible package installation paths for this package. This includes paths for all version overrides and is used for package management.
func (*PackageInfo) SLSASourceURI ¶
func (p *PackageInfo) SLSASourceURI() string
SLSASourceURI returns the source URI for SLSA provenance verification. It uses the configured SourceURI or derives it from repository information.
func (*PackageInfo) SetVersion ¶
func (p *PackageInfo) SetVersion(logger *slog.Logger, v string) (*PackageInfo, error)
func (*PackageInfo) Validate ¶
func (p *PackageInfo) Validate() error
Validate checks if the PackageInfo has all required fields for its type. It returns an error if any required fields are missing or invalid.
type PackageInfos ¶
type PackageInfos []*PackageInfo
PackageInfos represents a slice of package information. This is the main container for all packages in a registry.
func (*PackageInfos) ToMap ¶
func (p *PackageInfos) ToMap(logger *slog.Logger) map[string]*PackageInfo
ToMap converts the PackageInfos slice to a map indexed by package name. It includes aliases and logs conflicts at debug level.
type Replacements ¶
Replacements is a map of template replacements for platform-specific values. Keys are typically platform identifiers (GOOS/GOARCH) and values are the replacements.
func (Replacements) IsZero ¶
func (r Replacements) IsZero() bool
IsZero implements the go.yaml.in/yaml/v3.IsZeroer interface. It returns true if the Replacements map is nil.
func (Replacements) JSONSchema ¶
func (Replacements) JSONSchema() *jsonschema.Schema
JSONSchema generates a JSON schema for Replacements. It creates a schema with properties for each supported GOOS and GOARCH value.
type SLSAProvenance ¶
type SLSAProvenance struct {
// Enabled controls whether SLSA provenance verification is active.
Enabled *bool `yaml:",omitempty" json:"enabled,omitempty"`
// Type specifies where to download the provenance file from.
Type string `yaml:",omitempty" json:"type,omitempty" jsonschema:"enum=github_release,enum=http"`
// RepoOwner is the GitHub repository owner (for github_release type).
RepoOwner string `yaml:"repo_owner,omitempty" json:"repo_owner,omitempty"`
// RepoName is the GitHub repository name (for github_release type).
RepoName string `yaml:"repo_name,omitempty" json:"repo_name,omitempty"`
// Asset is the name of the provenance file asset (for github_release type).
Asset *string `yaml:",omitempty" json:"asset,omitempty"`
// URL is the direct URL to the provenance file (for http type).
URL *string `yaml:",omitempty" json:"url,omitempty"`
// SourceURI is the expected source repository URI for verification.
SourceURI *string `yaml:"source_uri,omitempty" json:"source_uri,omitempty"`
// SourceTag is the expected source tag for verification.
SourceTag string `yaml:"source_tag,omitempty" json:"source_tag,omitempty"`
}
SLSAProvenance defines configuration for SLSA (Supply-chain Levels for Software Artifacts) provenance verification. SLSA is a framework for ensuring software supply chain security through build provenance.
func (*SLSAProvenance) GetDownloadedFile ¶
func (sp *SLSAProvenance) GetDownloadedFile() *DownloadedFile
GetDownloadedFile returns a DownloadedFile for the provenance file. This is an alias for ToDownloadedFile for consistency with other verification types.
func (*SLSAProvenance) GetEnabled ¶
func (sp *SLSAProvenance) GetEnabled() bool
GetEnabled returns whether SLSA provenance verification is enabled. If Enabled is nil, it's considered enabled if Type is configured.
func (*SLSAProvenance) GetSourceURI ¶
func (sp *SLSAProvenance) GetSourceURI() string
GetSourceURI returns the source URI for provenance verification. If SourceURI is not set, it derives it from RepoOwner and RepoName.
func (*SLSAProvenance) ToDownloadedFile ¶
func (sp *SLSAProvenance) ToDownloadedFile() *DownloadedFile
ToDownloadedFile converts the SLSAProvenance configuration to a DownloadedFile. This is used for downloading the provenance file.
type SupportedEnvs ¶
type SupportedEnvs []string
SupportedEnvs represents a list of supported runtime environments. Each entry can be a GOOS, GOARCH, GOOS/GOARCH combination, or "all".
func (SupportedEnvs) JSONSchema ¶
func (SupportedEnvs) JSONSchema() *jsonschema.Schema
JSONSchema generates a JSON schema for SupportedEnvs. It creates an enum schema with all valid GOOS, GOARCH, and GOOS/GOARCH combinations.
type Var ¶ added in v2.31.0
type Var struct {
// Name is the variable name used in templates.
Name string `json:"name"`
// Required indicates whether this variable must be provided.
Required bool `yaml:",omitempty" json:"required,omitempty"`
// Default is the default value used when the variable is not provided.
Default any `yaml:",omitempty" json:"default,omitempty"`
}
Var represents a template variable that can be used in package configurations to customize installation behavior based on runtime values.
type VersionOverride ¶
type VersionOverride struct {
VersionConstraints string `yaml:"version_constraint,omitempty" json:"version_constraint,omitempty"`
Type string `` /* 171-byte string literal not displayed */
RepoOwner string `yaml:"repo_owner,omitempty" json:"repo_owner,omitempty"`
RepoName string `yaml:"repo_name,omitempty" json:"repo_name,omitempty"`
Asset string `yaml:",omitempty" json:"asset,omitempty"`
Crate string `yaml:",omitempty" json:"crate,omitempty"`
Path string `yaml:",omitempty" json:"path,omitempty"`
URL string `yaml:",omitempty" json:"url,omitempty"`
Format string `yaml:",omitempty" json:"format,omitempty" jsonschema:"example=tar.gz,example=raw,example=zip"`
GoVersionPath *string `yaml:"go_version_path,omitempty" json:"go_version_path,omitempty"`
VersionFilter *string `yaml:"version_filter,omitempty" json:"version_filter,omitempty"`
VersionPrefix *string `yaml:"version_prefix,omitempty" json:"version_prefix,omitempty"`
VersionSource string `yaml:"version_source,omitempty" json:"version_source,omitempty"`
WindowsExt string `yaml:"windows_ext,omitempty" json:"windows_ext,omitempty"`
ErrorMessage *string `yaml:"error_message,omitempty" json:"error_message,omitempty"`
Rosetta2 *bool `yaml:",omitempty" json:"rosetta2,omitempty"`
WindowsARMEmulation *bool `yaml:"windows_arm_emulation,omitempty" json:"windows_arm_emulation,omitempty"`
CompleteWindowsExt *bool `yaml:"complete_windows_ext,omitempty" json:"complete_windows_ext,omitempty"`
NoAsset *bool `yaml:"no_asset,omitempty" json:"no_asset,omitempty"`
AppendExt *bool `yaml:"append_ext,omitempty" json:"append_ext,omitempty"`
Cargo *Cargo `json:"cargo,omitempty"`
Files []*File `yaml:",omitempty" json:"files,omitempty"`
FormatOverrides FormatOverrides `yaml:"format_overrides,omitempty" json:"format_overrides,omitempty"`
Replacements Replacements `yaml:",omitempty" json:"replacements,omitempty"`
Checksum *Checksum `json:"checksum,omitempty"`
Cosign *Cosign `json:"cosign,omitempty"`
SLSAProvenance *SLSAProvenance `yaml:"slsa_provenance,omitempty" json:"slsa_provenance,omitempty"`
Minisign *Minisign `yaml:",omitempty" json:"minisign,omitempty"`
GitHubArtifactAttestations *GitHubArtifactAttestations `yaml:"github_artifact_attestations,omitempty" json:"github_artifact_attestations,omitempty"`
GitHubImmutableRelease *bool `yaml:"github_immutable_release,omitempty" json:"github_immutable_release,omitempty"`
Build *Build `yaml:",omitempty" json:"build,omitempty"`
Vars []*Var `yaml:",omitempty" json:"vars,omitempty"`
Overrides Overrides `yaml:",omitempty" json:"overrides,omitempty"`
SupportedEnvs SupportedEnvs `yaml:"supported_envs,omitempty" json:"supported_envs,omitempty"`
}
VersionOverride allows different package configurations for specific version ranges. This enables packages to change their installation method, repository, or other settings based on the version being installed.
Source Files