Created
October 27, 2022 20:05
-
-
Save johnfosborneiii/d83084c005287034d22a351d3e21e1aa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| COSIGN_FILE=$(mktemp -q XXXXXX.json) | |
| printf '\n' | |
| printf '===============================================================\n' | |
| printf '=== Searching artifacthub.io for artifacts signed by cosign ===\n' | |
| printf '===============================================================\n' | |
| printf '\n' | |
| declare -A kind | |
| kind=( | |
| [0]="Helm charts" | |
| [1]="Falco rules" | |
| [2]="OPA policies" | |
| [3]="OLM operators" | |
| [4]="Tinkerbell actions" | |
| [5]="Krew kubectl plugins" | |
| [6]="Helm plugins" | |
| [7]="Tekton tasks" | |
| [8]="KEDA scalers" | |
| [9]="Core DNS plugins" | |
| [10]="Keptn integrations" | |
| [11]="Tekton pipelines" | |
| [12]="Container images" | |
| [13]="Kubewarden policies" | |
| [14]="Gatekeeper policies" | |
| ) | |
| ## now loop through the above array | |
| for kindindex in "${!kind[@]}"; | |
| do | |
| offset=0 | |
| output="" | |
| kindresults="" | |
| URL="https://artifacthub.io/api/v1/packages/search?facets=false&limit=20&kind=" | |
| URL+="$kindindex" | |
| URL+="&deprecated=false&sort=stars" | |
| output="$(curl -s -X 'GET' -H 'accept: application/json' $URL | jq -r '.packages[] | select(.signatures | index("cosign"))')" | |
| offset=$((offset + 20)) | |
| kindresults="$output" | |
| while [[ -n $output ]] | |
| do | |
| URL="https://artifacthub.io/api/v1/packages/search?facets=false&limit=20&kind=" | |
| URL+="$kindindex" | |
| URL+="&deprecated=false&sort=stars&offset=" | |
| URL+=$offset | |
| output="$(curl -s -X 'GET' -H 'accept: application/json' $URL | jq -r '.packages[] | select(.signatures | index("cosign"))')" | |
| offset=$((offset + 20)) | |
| kindresults+=$output | |
| done | |
| if [[ -n $kindresults ]] | |
| then | |
| echo $kindresults >> $COSIGN_FILE | |
| packagelist="$(echo $kindresults | jq -r '. | {name} | .[]')" | |
| numfindings="$(echo $packagelist | wc -w)" | |
| printf 'Total %s signed with cosign: %s\n' "${kind[$kindindex]}" "$numfindings" | |
| printf 'Packages found:\n%s\n' "$packagelist" | |
| else | |
| printf 'Total %s signed with cosign: 0\n' "${kind[$kindindex]}" | |
| fi | |
| done | |
| printf '\nJSON Results saved to %s\n' "$COSIGN_FILE" | |
| exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment