Module cli 

Atlas CLI SLSA Build Provenance Generator

This module provides Atlas CLI-specific functionality for generating SLSA (Supply-chain Levels for Software Artifacts) v1 Build Provenance attestations, implementing the logic for creating signed Build Provenance attestations using Atlas CLI as the builder.

Atlas CLI SLSA Builder

The generated provenance identifies Atlas CLI as the builder using:

• Builder ID: Uses ATLAS_CLI_BUILDER_ID from the generators module
• Build Type: Combines CLI_NAME and CLI_VERSION as the build type identifier
• External Parameters: Structures inputs and pipeline paths as SLSA external parameters

Examples

use atlas_cli::slsa::cli::generate_build_provenance;
use atlas_c2pa_lib::cose::HashAlgorithm;
use std::path::PathBuf;

// Generate Atlas CLI build provenance for a Rust project
generate_build_provenance(
    vec![
        PathBuf::from("src/main.rs"),
        PathBuf::from("Cargo.toml"),
    ],                                           // input source files
    PathBuf::from("build.sh"),                  // build pipeline script
    vec![
        PathBuf::from("target/release/myapp"),  // output artifacts
    ],
    Some(PathBuf::from("signing_key.pem")),     // signing key
    HashAlgorithm::Sha384,                      // hash algorithm
    "json".to_string(),                         // output format
    true,                                       // print to console
    None,                                       // no storage backend
    false,                                      // no TDX support
).unwrap();

Constants

ATLAS_CLI_BUILDER_ID

The Atlas CLI builder identifier for SLSA provenance.

Functions

generate_build_provenance

Generates an Atlas CLI-specific SLSA build provenance attestation.