macaron.slsa_analyzer.provenance.slsa package
This module implements SLSA provenance abstractions.
- class macaron.slsa_analyzer.provenance.slsa.SLSAProvenanceData(asset: AssetLocator, payload: InTotoV01Payload | InTotoV1Payload)
Bases:
NamedTuple
SLSA provenance data.
-
asset:
AssetLocator
The provenance asset.
-
payload:
InTotoV01Payload
|InTotoV1Payload
The provenance payload.
-
asset:
- macaron.slsa_analyzer.provenance.slsa.extract_build_artifacts_from_slsa_subjects(payload)
Extract subjects that are build artifacts from the
"subject"
field of the provenance.Each artifact subject is assumed to have a sha256 digest. If a sha256 digest is not present for a subject, that subject is ignored.
- Parameters:
payload (InTotoPayload) – The provenance payload.
- Returns:
A list of subjects in the
"subject"
field of the provenance that are build artifacts.- Return type:
- macaron.slsa_analyzer.provenance.slsa.is_slsa_provenance_payload(payload, predicate_types)
Check if the given provenance payload is a SLSA provenance payload.