atlas-cli 0.2.0

Machine Learning Lifecycle & Transparency Manager - Create and verify manifests for ML models and datasets
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

//! # SLSA (Supply-chain Levels for Software Artifacts) Implementation
//!
//! This module provides functionality for generating SLSA (Supply-chain Levels for Software Artifacts)
//! v1 build provenance attestations. SLSA is a security framework that helps protect the integrity of
//! software artifacts throughout the development and deployment pipeline.
//!
//! ## Overview
//!
//! SLSA provenance provides a cryptographically verifiable record of:
//! - What software was built
//! - How it was built (build process, tools, environment)
//! - Who built it (builder identity and authentication)
//! - When it was built (timestamps and metadata)
//!
//! ## SLSA Build Levels
//!
//! This implementation supports SLSA Build provenance with varying levels of security:
//! - **Build L1**: Basic provenance generation with minimal requirements
//! - **Build L2**: Enhanced provenance with hosted build service requirements
//! - **Build L3**: High-confidence provenance with additional security controls
//!
//! ## Key Components
//!
//! - [`cli`] - An Atlas CLI specific generator for SLSA Build Provenance
//! - [`generators`] - Core functions for creating SLSA provenance structures
//! - [`BUILD_PROVENANCE_PREDICATE_TYPE_V1`] - Standard SLSA v1 predicate type URI
//!
//! ## Examples
//!
//! ### Basic Build Provenance Generation
//!
//! ```no_run
//! use atlas_cli::slsa::cli::generate_build_provenance;
//! use atlas_c2pa_lib::cose::HashAlgorithm;
//! use std::path::PathBuf;
//!
//! // Generate SLSA build provenance for compiled artifacts
//! generate_build_provenance(
//!     vec![PathBuf::from("src/main.rs")],           // input files
//!     PathBuf::from("Makefile"),                    // build script
//!     vec![PathBuf::from("target/release/myapp")],  // output artifacts  
//!     Some(PathBuf::from("signing_key.pem")),       // signing key
//!     HashAlgorithm::Sha384,                        // hash algorithm
//!     "json".to_string(),                           // output format
//!     true,                                         // print to stdout
//!     None,                                         // storage backend
//!     false,                                        // TDX support
//! ).unwrap();
//! ```
pub mod cli;
pub mod generators;

/// The standard SLSA v1 build provenance in-toto predicate type URI.
///
/// This constant defines the official predicate type identifier for SLSA build provenance
/// attestations according to the SLSA v1 specification. It is used in in-toto Statements
/// to indicate that the predicate contains SLSA build provenance information.
///
/// ```
/// use atlas_cli::slsa::BUILD_PROVENANCE_PREDICATE_TYPE_V1;
///
/// // Used in attestation generation
/// let predicate_type = BUILD_PROVENANCE_PREDICATE_TYPE_V1;
/// assert_eq!(predicate_type, "https://slsa.dev/provenance/v1");
/// ```
pub const BUILD_PROVENANCE_PREDICATE_TYPE_V1: &str = "https://slsa.dev/provenance/v1";