Attestation type Package
Sanity checks related to the format of the image build’s attestation.
Rules Included
Deprecated policy attestation format
The Conforma CLI now places the attestation data in a different location. This check fails if the expected new format is not found.
Solution: Use a newer version of the Conforma CLI.
-
Rule type: FAILURE
-
FAILURE message:
Deprecated policy attestation format found -
Code:
attestation_type.deprecated_policy_attestation_format -
Effective from:
2023-08-31T00:00:00Z
Known attestation type found
Confirm the attestation found for the image has a known attestation type.
Solution: Make sure the "_type" field in the attestation is supported. Supported types are configured in data sources.
-
Rule type: FAILURE
-
FAILURE message:
Unknown attestation type '%s' -
Code:
attestation_type.known_attestation_type
Known attestation types provided
Confirm the known_attestation_types rule data was provided.
Solution: Provide a list of known attestation types.
-
Rule type: FAILURE
-
FAILURE message:
%s -
Code:
attestation_type.known_attestation_types_provided
PipelineRun attestation found
Confirm at least one PipelineRun attestation is present.
Solution: Make sure the attestation being verified was generated from a Tekton pipelineRun.
-
Rule type: FAILURE
-
FAILURE message:
Missing pipelinerun attestation -
Code:
attestation_type.pipelinerun_attestation_found