Subset: SlsaBuildEnvTrack
Slots and classes related to the SLSA Build Environment Track, which measures the integrity of the compute environment running builds.
URI: SlsaBuildEnvTrack
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/slsa
Classes in subset
| Class | Description |
|---|---|
| BuildEnvironmentAttestation | An attestation describing the integrity of a build environment at the time a ... |
| BuildImage | The template for a build environment, such as a VM or container image |
| ResourceDescriptor | A reference to a software artifact including its location, digest, and option... |
| Statement | The middle layer of an in-toto software attestation (Statement v1) |
Slots from BuildEnvironmentAttestation also in slsa_build_env_track
| Name | Cardinality and Range | Description |
|---|---|---|
| _type | 1 String |
Always "https://in-toto |
| attestationStorageUri | 0..1 String |
URI indicating where this signed attestation is publicly stored or retrievabl... |
| buildEnvLevel | 0..1 BuildEnvLevelEnum |
The SLSA Build Environment Level supported or represented, reflecting the str... |
| buildId | 1 String |
An immutable identifier uniquely assigned to a build execution (e |
| buildImage | 0..1 BuildImage |
The build image from which the build environment was instantiated |
| measurements | * String |
Cryptographic measurements (hashes) of build environment components captured ... |
| predicate | 0..1 String |
The attestation payload — an arbitrary JSON object whose schema is fully dete... |
| predicateType | 1 String |
URI identifying the schema and semantics of the predicate field |
| subject | 1..* ResourceDescriptor |
The set of software artifacts to which a predicate applies |
Slots from BuildImage also in slsa_build_env_track
| Name | Cardinality and Range | Description |
|---|---|---|
| buildEnvLevel | 0..1 BuildEnvLevelEnum |
The SLSA Build Environment Level supported or represented, reflecting the str... |
| id | 1 String |
URI uniquely identifying this build image version (e |
| provenance | 0..1 BuildProvenance |
SLSA Build Provenance for a build image, describing how the image itself was ... |
Slots from ResourceDescriptor also in slsa_build_env_track
| Name | Cardinality and Range | Description |
|---|---|---|
| digest | 0..1 DigestSet |
Set of cryptographic digests of a resource's content used for integrity verif... |
| mediaType | 0..1 String |
IANA media type of a resource's content (e |
| uri | 0..1 String |
A URI uniquely identifying a resource, such as a package URL (purl), git repo... |
Slots from Statement also in slsa_build_env_track
| Name | Cardinality and Range | Description |
|---|---|---|
| _type | 1 String |
Always "https://in-toto |
| attestationStorageUri | 0..1 String |
URI indicating where this signed attestation is publicly stored or retrievabl... |
| predicate | 0..1 String |
The attestation payload — an arbitrary JSON object whose schema is fully dete... |
| predicateType | 1 String |
URI identifying the schema and semantics of the predicate field |
| subject | 1..* ResourceDescriptor |
The set of software artifacts to which a predicate applies |
Slots in subset
| Slot | Description |
|---|---|
| _type | Always "https://in-toto |
| attestationStorageUri | URI indicating where this signed attestation is publicly stored or retrievabl... |
| buildEnvLevel | The SLSA Build Environment Level supported or represented, reflecting the str... |
| buildId | An immutable identifier uniquely assigned to a build execution (e |
| buildImage | The build image from which the build environment was instantiated |
| digest | Set of cryptographic digests of a resource's content used for integrity verif... |
| id | A URI uniquely identifying an entity (build platform, verifier, build image, ... |
| measurements | Cryptographic measurements (hashes) of build environment components captured ... |
| mediaType | IANA media type of a resource's content (e |
| predicate | The attestation payload — an arbitrary JSON object whose schema is fully dete... |
| predicateType | URI identifying the schema and semantics of the predicate field |
| provenance | SLSA Build Provenance for a build image, describing how the image itself was ... |
| subject | The set of software artifacts to which a predicate applies |
| uri | A URI uniquely identifying a resource, such as a package URL (purl), git repo... |
Enumerations in subset
| Enumeration | Description |
|---|---|
| BuildEnvLevelEnum | SLSA Build Environment Track levels for validating the integrity of the compu... |