@docker/actions-toolkit/lib/sigstore/sigstore.d.ts

Toolkit for Docker (GitHub) Actions

/**
 * Copyright 2025 actions-toolkit authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
import { Cosign } from '../cosign/cosign.js';
import { ImageTools } from '../buildx/imagetools.js';
import { SignAttestationManifestsOpts, SignAttestationManifestsResult, SignProvenanceBlobsOpts, SignProvenanceBlobsResult, VerifyArtifactOpts, VerifyArtifactResult, VerifySignedArtifactsOpts, VerifySignedArtifactsResult, VerifySignedManifestsOpts, VerifySignedManifestsResult } from '../types/sigstore/sigstore.js';
export interface SigstoreOpts {
    cosign?: Cosign;
    imageTools?: ImageTools;
}
export declare class Sigstore {
    private readonly cosign;
    private readonly imageTools;
    constructor(opts?: SigstoreOpts);
    signAttestationManifests(opts: SignAttestationManifestsOpts): Promise<Record<string, SignAttestationManifestsResult>>;
    verifySignedManifests(signedManifestsResult: Record<string, SignAttestationManifestsResult>, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
    verifyImageAttestations(image: string, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
    verifyImageAttestation(attestationRef: string, opts: VerifySignedManifestsOpts): Promise<VerifySignedManifestsResult>;
    signProvenanceBlobs(opts: SignProvenanceBlobsOpts): Promise<Record<string, SignProvenanceBlobsResult>>;
    verifySignedArtifacts(signedArtifactsResult: Record<string, SignProvenanceBlobsResult>, opts: VerifySignedArtifactsOpts): Promise<Record<string, VerifySignedArtifactsResult>>;
    verifyArtifact(artifactPath: string, bundlePath: string, opts?: VerifyArtifactOpts): Promise<VerifyArtifactResult>;
    private signingEndpoints;
    private static noTransparencyLog;
    private static getProvenanceBlobs;
    private static getProvenanceSubjects;
    private static signPayload;
    private static parseBundle;
    private static parseCertificate;
}