An attestation wrapper that uses the Grafeas Signature message. This attestation must define the serialized_payload that the signatures verify and any metadata necessary to interpret that plaintext. The signatures should always be over the serialized_payload bytestring.

Attributes

• contentType (type: String.t, default: nil) - Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).
• serializedPayload (type: String.t, default: nil) - The serialized payload that is verified by one or more signatures. The encoding and semantic meaning of this payload must match what is set in content_type.
• signatures (type: list(GoogleApi.ContainerAnalysis.V1beta1.Model.Signature.t), default: nil) - One or more signatures over serialized_payload. Verifier implementations should consider this attestation message verified if at least one signature verifies serialized_payload. See Signature in common.proto for more details on signature structure and verification.