helm
/
helm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
priv-v3.14.4-djf
dependabot/github_actions/actions/checkout-4.1.3
dependabot/go_modules/golang.org/x/net-0.23.0
dependabot/go_modules/k8s-io-3183f273dc
dependabot/github_actions/github/codeql-action-3.25.1
release-3.14
main
dependabot/go_modules/golang.org/x/crypto-0.22.0
dependabot/go_modules/sigs.k8s.io/yaml-1.4.0
dependabot/go_modules/k8s.io/klog/v2-2.120.1
dependabot/go_modules/github.com/rubenv/sql-migrate-1.6.1
release-3.13
dependabot/github_actions/actions/stale-9.0.0
release-3.12
release-3.11
release-3.10
Release
release-3.9
release-3.8
release-3.7
release-3.6
release-3.6.2
release-3.6.1
release-3.5
release-3.4
add-codeql
dev-v2
release-2.17
release-3.3
release-2.16
release-3.2
release-3.1
release-3.0
release-2.15
release-v3.0.0-beta.4
release-2.14
release-2.13
release-2.12
release-2.11
release-2.10
feat-v3/event-emitter-lua
release-2.9
release-2.8
release-2.7
release-2.6
release-2.5
release-2.4
release-2.3
release-2.2
release-2.1
release-2.0
kube-update-test
release-v1.2.1
v3.14.4
v3.14.3
v3.14.2
v3.14.1
v3.14.0
v3.14.0-rc.1
v3.13.3
v3.13.2
v3.13.1
v3.13.0
v3.13.0-rc.1
v3.12.3
v3.12.2
v3.12.1
v3.12.0
v3.12.0-rc.1
v3.11.3
v3.11.2
v3.12.0-dev.1
v3.11.1
v3.11.0
v3.11.0-rc.2
v3.11.0-rc.1
v3.10.3
v3.10.2
v3.10.1
v3.10.0
v3.10.0-rc.1
v3.9.4
v3.9.3
v3.9.2
v3.9.1
v3.9.0
v3.9.0-rc.1
v3.8.2
v3.8.1
v3.8.0
v3.8.0-rc.2
v3.8.0-rc.1
v3.7.2
v3.7.1
v3.7.0
v3.7.0-rc.3
v3.7.0-rc.2
v3.7.0-rc.1
v3.6.3
v3.6.2
v3.6.1
v3.6.0
v3.6.0-rc.1
v3.5.4
v3.5.3
v3.5.2
v3.5.1
v3.5.0
v3.5.0-rc.2
v3.5.0-rc.1
v3.4.2
v3.4.1
v3.4.0
v2.17.0
v3.4.0-rc.1
v2.17.0-rc.1
v3.3.4
v2.16.12
v3.3.3
v2.16.11
v3.3.2
v3.3.1
v2.16.10
v3.3.0
v3.3.0-rc.2
v3.3.0-rc.1
v2.16.9
v3.2.4
v2.16.8
v3.2.3
v3.2.2
v3.2.1
v2.16.7
v3.1.3
v3.2.0
v3.2.0-rc.1
v2.16.6
v2.16.5
v2.16.4
v3.1.2
v3.1.1
v2.16.3
v2.16.2
v3.1.0
v3.1.0-rc.3
v3.1.0-rc.2
v3.1.0-rc.1
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.16.1
v3.0.0-rc.4
v3.0.0-rc.3
v2.16.0
v3.0.0-rc.2
v2.16.0-rc.2
v2.16.0-rc.1
v3.0.0-rc.1
v2.15.2
v2.15.1
v3.0.0-beta.5
v2.15.0
v2.15.0-rc.2
v2.15.0-rc.1
v3.0.0-beta.4
v3.0.0-beta.3
v3.0.0-beta.2
v3.0.0-beta.1
v2.14.3
v3.0.0-alpha.2
v2.14.2
v2.14.1
v3.0.0-alpha.1
v2.14.0
v2.14.0-rc.2
v2.14.0-rc.1
v2.13.1
v2.13.1-rc.1
v2.13.0
v2.13.0-rc.2
v2.13.0-rc.1
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.12.0-rc.2
v2.12.0-rc.1
v2.11.0
v2.11.0-rc.4
v2.11.0-rc.3
v2.11.0-rc.2
v2.11.0-rc.1
v2.10.0
v2.10.0-rc.3
v2.10.0-rc.2
v2.10.0-rc.1
v2.9.1
v2.9.0
v2.9.0-rc5
v2.9.0-rc4
v2.9.0-rc3
v2.9.0-rc2
v2.9.0-rc1
v2.8.2
v2.8.2-rc1
v2.8.1
v2.8.0
v2.8.0-rc.1
v2.7.2
v2.7.1
v2.7.0
v2.7.0-rc1
v2.6.2
v2.6.1
v2.6.0
v2.5.1
v2.5.0
v2.4.2
v2.4.1
v2.4.0
v2.3.1
v2.3.0
1.999.0
v1.0
v1.1
v1.2
v1.2.1
v2.0.0
v2.0.0-alpha.1
v2.0.0-alpha.2
v2.0.0-alpha.3
v2.0.0-alpha.4
v2.0.0-alpha.5
v2.0.0-beta.1
v2.0.0-beta.2
v2.0.0-rc.1
v2.0.0-rc.2
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.2.0
v2.2.1
v2.2.2
v2.2.3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'v2.17.0'
${ noResults }
helm/pkg/provenance/doc.go

38 lines
1.7 KiB
Go
Raw Permalink Blame History

/*
Copyright The Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/*Package provenance provides tools for establishing the authenticity of a chart.
In Helm, provenance is established via several factors. The primary factor is the
cryptographic signature of a chart. Chart authors may sign charts, which in turn
provide the necessary metadata to ensure the integrity of the chart file, the
Chart.yaml, and the referenced Docker images.
A provenance file is clear-signed. This provides cryptographic verification that
a particular block of information (Chart.yaml, archive file, images) have not
been tampered with or altered. To learn more, read the GnuPG documentation on
clear signatures:
https://www.gnupg.org/gph/en/manual/x135.html
The cryptography used by Helm should be compatible with OpenGPG. For example,
you should be able to verify a signature by importing the desired public key
and using `gpg --verify`, `keybase pgp verify`, or similar:
$ gpg --verify some.sig
gpg: Signature made Mon Jul 25 17:23:44 2016 MDT using RSA key ID 1FC18762
gpg: Good signature from "Helm Testing (This key should only be used for testing. DO NOT TRUST.) <helm-testing@helm.sh>" [ultimate]
*/
package provenance // import "k8s.io/helm/pkg/provenance"
Reference in New Issue View Git Blame Copy Permalink