Enum SignaturePolicy 

pub enum SignaturePolicy<'a> {
    None,
    RequireKey {
        path: &'a str,
    },
    RequireKeyless {
        identity: Option<&'a str>,
        issuer: Option<&'a str>,
    },
}

Policy for verifying a module artifact’s cosign signature during pull.

• None — skip signature verification entirely (default).
• RequireKey { path } — fail unless cosign verify --key <path> succeeds.
• RequireKeyless { identity, issuer } — fail unless keyless verification matches the supplied certificate identity / OIDC issuer constraints.

Variants

None

RequireKey

Fields

path: &'a str

RequireKeyless

Fields

identity: Option<&'a str>

issuer: Option<&'a str>

Trait Implementations

impl<'a> Clone for SignaturePolicy<'a>

fn clone(&self) -> SignaturePolicy<'a>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<'a> Debug for SignaturePolicy<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.