opentofu/internal/getproviders
Martin Atkins b2c0ccdf96 internal/getproviders: Allow PackageMeta to carry acceptable hashes
The "acceptable hashes" for a package is a set of hashes that the upstream
source considers to be good hashes for checking whether future installs
of the same provider version are considered to match this one.

Because the acceptable hashes are a package authentication concern and
they already need to be known (at least in part) to implement the
authenticators, here we add AcceptableHashes as an optional extra method
that an authenticator can implement.

Because these are hashes chosen by the upstream system, the caller must
make its own determination about their trustworthiness. The result of
authentication is likely to be an input to that, for example by
distrusting hashes produced by an authenticator that succeeds but doesn't
report having validated anything.
2020-09-24 14:01:54 -07:00
..
testdata internal/getproviders: Allow basedir for local search to be symlink 2020-08-18 14:28:50 -07:00
doc.go internal/getproviders: Query a provider registry 2020-01-10 09:41:27 -08:00
errors.go internal/getproviders: HTTPMirrorSource implementation 2020-08-26 13:18:08 -07:00
filesystem_mirror_source_test.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
filesystem_mirror_source.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
filesystem_search_test.go internal/getproviders: Allow basedir for local search to be symlink 2020-08-18 14:28:50 -07:00
filesystem_search.go internal/getproviders: Allow basedir for local search to be symlink 2020-08-18 14:28:50 -07:00
hash.go internal/getproviders: Formalize the "ziphash" hashing scheme 2020-09-24 14:01:54 -07:00
http_mirror_source_test.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
http_mirror_source.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
legacy_lookup_test.go command: Add redirect support to 0.13upgrade 2020-08-31 14:53:35 -04:00
legacy_lookup.go command: Add redirect support to 0.13upgrade 2020-08-31 14:53:35 -04:00
memoize_source_test.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
memoize_source.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
mock_source.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
multi_source_test.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
multi_source.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
package_authentication_test.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
package_authentication.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
public_keys.go internal: Verify provider signatures on install 2020-04-17 13:57:19 -04:00
registry_client_test.go command: Add redirect support to 0.13upgrade 2020-08-31 14:53:35 -04:00
registry_client.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
registry_source_test.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00
registry_source.go command: Add redirect support to 0.13upgrade 2020-08-31 14:53:35 -04:00
source.go internal/getproviders: decode and return any registry warnings (#25337) 2020-06-25 10:49:48 -04:00
types.go internal/getproviders: Allow PackageMeta to carry acceptable hashes 2020-09-24 14:01:54 -07:00