Dagger
Search

chainloop

Chainloop is an open source project that allows you to collect, attest, and distribute pieces of evidence from your Software Supply Chain.

Installation

dagger install github.com/chainloop-dev/chainloop@v0.90.1

Entrypoint

Return Type
Chainloop
Example
func (m *myModule) example() *Chainloop  {
	return dag.
			Chainloop()
}
@function
def example() -> dag.Chainloop:
	return (
		dag.chainloop()
	)
@func()
example(): Chainloop {
	return dag
		.chainloop()
}

Types

Chainloop 🔗

init() 🔗

Initialize a new attestation

Return Type
Attestation !
Arguments
NameTypeDefault ValueDescription
tokenSecret !-Chainloop API token
contractRevisionString -Workflow Contract revision, default is the latest
repositoryDirectory -Path to the source repository to be attested
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 init --token env:MYSECRET \
 status
func (m *myModule) example(token *Secret) *ChainloopAttestation  {
	return dag.
			Chainloop().
			Init(token)
}
@function
def example(token: dagger.Secret) -> dag.ChainloopAttestation:
	return (
		dag.chainloop()
		.init(token)
	)
@func()
example(token: Secret): ChainloopAttestation {
	return dag
		.chainloop()
		.init(token)
}

resume() 🔗

Resume an attestation from its identifier

Return Type
Attestation !
Arguments
NameTypeDefault ValueDescription
attestationIdString !-The attestation ID
tokenSecret !-Chainloop API token
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 status
func (m *myModule) example(attestationId string, token *Secret) *ChainloopAttestation  {
	return dag.
			Chainloop().
			Resume(attestationId, token)
}
@function
def example(attestation_id: str, token: dagger.Secret) -> dag.ChainloopAttestation:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
	)
@func()
example(attestationId: string, token: Secret): ChainloopAttestation {
	return dag
		.chainloop()
		.resume(attestationId, token)
}

Attestation 🔗

A Chainloop attestation https://docs.chainloop.dev/how-does-it-work/#contract-based-attestation

attestationId() 🔗

Return Type
String !
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 attestation-id
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret) string  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			AttestationId(ctx)
}
@function
async def example(attestation_id: str, token: dagger.Secret) -> str:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.attestation_id()
	)
@func()
async example(attestationId: string, token: Secret): Promise<string> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.attestationId()
}

status() 🔗

Check the attestation status

Return Type
String !
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 status
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret) string  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			Status(ctx)
}
@function
async def example(attestation_id: str, token: dagger.Secret) -> str:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.status()
	)
@func()
async example(attestationId: string, token: Secret): Promise<string> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.status()
}

sync() 🔗

Sync will force the client to send an actual query to the chainloop control plane This is specially important to be run right after Init for example

att := chainloop.Init(ctx, token, "main")

if err := att.Sync(ctx); err != nil {
	return nil, err
}
Return Type
Void !
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 sync
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret)   {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			Sync(ctx)
}
@function
async def example(attestation_id: str, token: dagger.Secret) -> None:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.sync()
	)
@func()
async example(attestationId: string, token: Secret): Promise<void> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.sync()
}

withRegistryAuth() 🔗

Attach credentials for a container registry. Chainloop will use them to query the registry for container image pieces of evidences

Return Type
Attestation !
Arguments
NameTypeDefault ValueDescription
addressString !-Registry address. Example: "index.docker.io"
usernameString !-Registry username
passwordSecret !-Registry password
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 with-registry-auth --address string --username string --password env:MYSECRET \
 status
func (m *myModule) example(attestationId string, token *Secret, address string, username string, password *Secret) *ChainloopAttestation  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			WithRegistryAuth(address, username, password)
}
@function
def example(attestation_id: str, token: dagger.Secret, address: str, username: str, password: dagger.Secret) -> dag.ChainloopAttestation:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
		.with_registry_auth(address, username, password)
	)
@func()
example(attestationId: string, token: Secret, address: string, username: string, password: Secret): ChainloopAttestation {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.withRegistryAuth(address, username, password)
}

addRawEvidence() 🔗

Add a raw string piece of evidence to the attestation

Return Type
Attestation !
Arguments
NameTypeDefault ValueDescription
nameString !-Material name. Example: "my-blob"
valueString !-The contents of the blob
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 add-raw-evidence --name string --value string \
 status
func (m *myModule) example(attestationId string, token *Secret, name string, value string) *ChainloopAttestation  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			AddRawEvidence(name, value)
}
@function
def example(attestation_id: str, token: dagger.Secret, name: str, value: str) -> dag.ChainloopAttestation:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
		.add_raw_evidence(name, value)
	)
@func()
example(attestationId: string, token: Secret, name: string, value: string): ChainloopAttestation {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.addRawEvidence(name, value)
}

addFileEvidence() 🔗

Add a file type piece of evidence to the attestation

Return Type
Attestation !
Arguments
NameTypeDefault ValueDescription
nameString !-Evidence name. Example: "my-binary"
pathFile !-The file to add
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 add-file-evidence --name string --path file:path \
 status
func (m *myModule) example(attestationId string, token *Secret, name string, path *File) *ChainloopAttestation  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			AddFileEvidence(name, path)
}
@function
def example(attestation_id: str, token: dagger.Secret, name: str, path: dagger.File) -> dag.ChainloopAttestation:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
		.add_file_evidence(name, path)
	)
@func()
example(attestationId: string, token: Secret, name: string, path: File): ChainloopAttestation {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.addFileEvidence(name, path)
}

debug() 🔗

Return Type
Terminal !
Example
Function ChainloopAttestation.debug is not accessible from the chainloop module
func (m *myModule) example(attestationId string, token *Secret) *Terminal  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			Debug()
}
@function
def example(attestation_id: str, token: dagger.Secret) -> dag.Terminal:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
		.debug()
	)
@func()
example(attestationId: string, token: Secret): Terminal {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.debug()
}

container() 🔗

Build an ephemeral container with everything needed to process the attestation

Return Type
Container !
Arguments
NameTypeDefault ValueDescription
ttlInteger 0Cache TTL for chainloop commands, in seconds Defaults to 0: no caching
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 container
func (m *myModule) example(attestationId string, token *Secret) *Container  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			Container()
}
@function
def example(attestation_id: str, token: dagger.Secret) -> dagger.Container:
	return (
		dag.chainloop()
		.resume(attestation_id, token)
		.container()
	)
@func()
example(attestationId: string, token: Secret): Container {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.container()
}

push() 🔗

Generate, sign and push the attestation to the chainloop control plane

Return Type
String !
Arguments
NameTypeDefault ValueDescription
keySecret !-No description provided
passphraseSecret !-No description provided
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 push --key env:MYSECRET --passphrase env:MYSECRET
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret, key *Secret, passphrase *Secret) string  {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			Push(ctx, key, passphrase)
}
@function
async def example(attestation_id: str, token: dagger.Secret, key: dagger.Secret, passphrase: dagger.Secret) -> str:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.push(key, passphrase)
	)
@func()
async example(attestationId: string, token: Secret, key: Secret, passphrase: Secret): Promise<string> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.push(key, passphrase)
}

markFailed() 🔗

Mark the attestation as failed

Return Type
Void !
Arguments
NameTypeDefault ValueDescription
reasonString -The reason for canceling, in human-readable form
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 mark-failed
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret)   {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			MarkFailed(ctx)
}
@function
async def example(attestation_id: str, token: dagger.Secret) -> None:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.mark_failed()
	)
@func()
async example(attestationId: string, token: Secret): Promise<void> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.markFailed()
}

markCanceled() 🔗

Mark the attestation as canceled

Return Type
Void !
Arguments
NameTypeDefault ValueDescription
reasonString -The reason for canceling, in human-readable form
Example
dagger -m github.com/chainloop-dev/chainloop@f3880faf81821b17d8f308904363cc11bdf08451 call \
 resume --attestation-id string --token env:MYSECRET \
 mark-canceled
func (m *myModule) example(ctx context.Context, attestationId string, token *Secret)   {
	return dag.
			Chainloop().
			Resume(attestationId, token).
			MarkCanceled(ctx)
}
@function
async def example(attestation_id: str, token: dagger.Secret) -> None:
	return await (
		dag.chainloop()
		.resume(attestation_id, token)
		.mark_canceled()
	)
@func()
async example(attestationId: string, token: Secret): Promise<void> {
	return dag
		.chainloop()
		.resume(attestationId, token)
		.markCanceled()
}