diff --git a/go.mod b/go.mod index 8cabd23ad..80020631a 100644 --- a/go.mod +++ b/go.mod @@ -25,8 +25,8 @@ require ( github.com/matcornic/hermes/v2 v2.1.0 github.com/microcosm-cc/bluemonday v1.0.27 github.com/moby/buildkit v0.30.0 - github.com/moby/moby/api v1.54.2 - github.com/moby/moby/client v0.4.1 + github.com/moby/moby/api v1.55.0 + github.com/moby/moby/client v0.5.0 github.com/nlopes/slack v0.6.0 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 diff --git a/go.sum b/go.sum index 80f782922..19c558981 100644 --- a/go.sum +++ b/go.sum @@ -264,10 +264,10 @@ github.com/moby/buildkit v0.30.0 h1:OsK8T3BaYH52UNStpKd7gytDtHWWt2Fawak/lAPWatU= github.com/moby/buildkit v0.30.0/go.mod h1:k2wuw5ddaOqzh58RLt+mBn2XhK34gi6+gd0faONQ1xU= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= -github.com/moby/moby/api v1.54.2 h1:wiat9QAhnDQjA7wk1kh/TqHz2I1uUA7M7t9SAl/JNXg= -github.com/moby/moby/api v1.54.2/go.mod h1:+RQ6wluLwtYaTd1WnPLykIDPekkuyD/ROWQClE83pzs= -github.com/moby/moby/client v0.4.1 h1:DMQgisVoMkmMs7fp3ROSdiBnoAu8+vo3GggFl06M/wY= -github.com/moby/moby/client v0.4.1/go.mod h1:z52C9O2POPOsnxZAy//WtKcQ32P+jT/NGeXu/7nfjGQ= +github.com/moby/moby/api v1.55.0 h1:2/sexvQyqIWS8pRSCFddBfpW2qE7vR7FCL+vN8pxwMc= +github.com/moby/moby/api v1.55.0/go.mod h1:+RQ6wluLwtYaTd1WnPLykIDPekkuyD/ROWQClE83pzs= +github.com/moby/moby/client v0.5.0 h1:5XhyPk2fuOWf6RlSFa3MkIIgDZkF25xToXW8Q/BH7cc= +github.com/moby/moby/client v0.5.0/go.mod h1:rcVpF8ncl9vo5gaIBdol6CnbEtSj1uxMvEV/UrykF/s= github.com/moby/sys/capability v0.4.0 h1:4D4mI6KlNtWMCM1Z/K0i7RV1FkX+DBDHKVJpCndZoHk= github.com/moby/sys/capability v0.4.0/go.mod h1:4g9IK291rVkms3LKCDOoYlnV8xKwoDTpIrNEE35Wq0I= github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= diff --git a/vendor/github.com/moby/moby/api/types/image/attestation.go b/vendor/github.com/moby/moby/api/types/image/attestation.go new file mode 100644 index 000000000..4233d6833 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/image/attestation.go @@ -0,0 +1,19 @@ +package image + +import ( + "encoding/json" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// AttestationStatement is a single in-toto statement attached to an image. +type AttestationStatement struct { + // Descriptor is the OCI descriptor of the statement blob (media type, + // digest, size, annotations). + Descriptor ocispec.Descriptor `json:"Descriptor"` + // PredicateType is the in-toto predicate type URI of this statement. + PredicateType string `json:"PredicateType"` + // Statement is the verbatim in-toto statement JSON. Omitted unless the + // caller opts in via the statement=true query parameter. + Statement *json.RawMessage `json:"Statement,omitempty"` +} diff --git a/vendor/github.com/moby/moby/client/client.go b/vendor/github.com/moby/moby/client/client.go index 89ba88ee5..4b4ef976a 100644 --- a/vendor/github.com/moby/moby/client/client.go +++ b/vendor/github.com/moby/moby/client/client.go @@ -109,7 +109,7 @@ const DummyHost = "api.moby.localhost" // overriding the version and disable API-version negotiation. // // This version may be lower than the version of the api library module used. -const MaxAPIVersion = "1.54" +const MaxAPIVersion = "1.55" // MinAPIVersion is the minimum API version supported by the client. API versions // below this version are not considered when performing API-version negotiation. diff --git a/vendor/github.com/moby/moby/client/client_interfaces.go b/vendor/github.com/moby/moby/client/client_interfaces.go index 4bbd45a6e..fd1b9dac3 100644 --- a/vendor/github.com/moby/moby/client/client_interfaces.go +++ b/vendor/github.com/moby/moby/client/client_interfaces.go @@ -133,6 +133,7 @@ type ImageAPIClient interface { ImageInspect(ctx context.Context, image string, _ ...ImageInspectOption) (ImageInspectResult, error) ImageHistory(ctx context.Context, image string, _ ...ImageHistoryOption) (ImageHistoryResult, error) + ImageAttestations(ctx context.Context, image string, _ ...ImageAttestationsOption) (ImageAttestationsResult, error) ImageLoad(ctx context.Context, input io.Reader, _ ...ImageLoadOption) (ImageLoadResult, error) ImageSave(ctx context.Context, images []string, _ ...ImageSaveOption) (ImageSaveResult, error) diff --git a/vendor/github.com/moby/moby/client/image_attestations.go b/vendor/github.com/moby/moby/client/image_attestations.go new file mode 100644 index 000000000..c02d97519 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_attestations.go @@ -0,0 +1,51 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" +) + +// ImageAttestations returns the in-toto attestation statements attached to an +// image for the given platform. This requires API version 1.55 or higher. +func (cli *Client) ImageAttestations(ctx context.Context, imageID string, opts ...ImageAttestationsOption) (ImageAttestationsResult, error) { + if imageID == "" { + return ImageAttestationsResult{}, objectNotFoundError{object: "image", id: imageID} + } + + if err := cli.requiresVersion(ctx, "1.55", "attestations"); err != nil { + return ImageAttestationsResult{}, err + } + + var o imageAttestationsOpts + for _, opt := range opts { + if err := opt.Apply(&o); err != nil { + return ImageAttestationsResult{}, err + } + } + + query := url.Values{} + if o.platform != nil { + p, err := encodePlatform(o.platform) + if err != nil { + return ImageAttestationsResult{}, err + } + query.Set("platform", p) + } + for _, pt := range o.predicateTypes { + query.Add("type", pt) + } + if o.includeStatement { + query.Set("statement", "1") + } + + resp, err := cli.get(ctx, "/images/"+imageID+"/attestations", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ImageAttestationsResult{}, err + } + + var result ImageAttestationsResult + err = json.NewDecoder(resp.Body).Decode(&result.Items) + return result, err +} diff --git a/vendor/github.com/moby/moby/client/image_attestations_opts.go b/vendor/github.com/moby/moby/client/image_attestations_opts.go new file mode 100644 index 000000000..4a7c3bcf8 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_attestations_opts.go @@ -0,0 +1,56 @@ +package client + +import ( + "github.com/moby/moby/api/types/image" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImageAttestationsResult is the result of an ImageAttestations operation. +type ImageAttestationsResult struct { + Items []image.AttestationStatement +} + +// ImageAttestationsOption is a functional option for the ImageAttestations operation. +type ImageAttestationsOption interface { + Apply(*imageAttestationsOpts) error +} + +type imageAttestationsOptionFunc func(*imageAttestationsOpts) error + +func (f imageAttestationsOptionFunc) Apply(o *imageAttestationsOpts) error { return f(o) } + +type imageAttestationsOpts struct { + platform *ocispec.Platform + predicateTypes []string + includeStatement bool +} + +// ImageAttestationsWithPlatform filters attestations to those for the given +// platform variant. If omitted, the daemon's default platform is used. +func ImageAttestationsWithPlatform(platform ocispec.Platform) ImageAttestationsOption { + return imageAttestationsOptionFunc(func(o *imageAttestationsOpts) error { + o.platform = &platform + return nil + }) +} + +// ImageAttestationsWithPredicateTypes filters returned statements to those +// whose in-toto predicate type matches one of the given URIs. +// If not set, all statements are returned. +func ImageAttestationsWithPredicateTypes(types ...string) ImageAttestationsOption { + return imageAttestationsOptionFunc(func(o *imageAttestationsOpts) error { + o.predicateTypes = append(o.predicateTypes, types...) + return nil + }) +} + +// ImageAttestationsWithStatement asks the daemon to include the verbatim +// in-toto statement body in each returned entry. Without this option, only +// the descriptor and predicate type are returned and statement blobs are +// not read. +func ImageAttestationsWithStatement() ImageAttestationsOption { + return imageAttestationsOptionFunc(func(o *imageAttestationsOpts) error { + o.includeStatement = true + return nil + }) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 57e4fd3e0..95dda5b8c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -333,7 +333,7 @@ github.com/moby/buildkit/util/suggest # github.com/moby/docker-image-spec v1.3.1 ## explicit; go 1.18 github.com/moby/docker-image-spec/specs-go/v1 -# github.com/moby/moby/api v1.54.2 +# github.com/moby/moby/api v1.55.0 ## explicit; go 1.24 github.com/moby/moby/api/types github.com/moby/moby/api/types/blkiodev @@ -352,7 +352,7 @@ github.com/moby/moby/api/types/storage github.com/moby/moby/api/types/swarm github.com/moby/moby/api/types/system github.com/moby/moby/api/types/volume -# github.com/moby/moby/client v0.4.1 +# github.com/moby/moby/client v0.5.0 ## explicit; go 1.24 github.com/moby/moby/client github.com/moby/moby/client/internal