Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replace predicate file path with io.Reader #904

Merged
merged 1 commit into from
Oct 16, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 10 additions & 4 deletions cmd/cosign/cli/attest/attest.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,11 +89,17 @@ func AttestCmd(ctx context.Context, ko sign.KeyOpts, regOpts options.RegistryOpt
dd := cremote.NewDupeDetector(sv)

fmt.Fprintln(os.Stderr, "Using payload from:", predicatePath)
predicate, err := os.Open(predicatePath)
if err != nil {
return err
}
defer predicate.Close()

sh, err := attestation.GenerateStatement(attestation.GenerateOpts{
Path: predicatePath,
Type: predicateType,
Digest: h.Hex,
Repo: digest.Repository.String(),
Predicate: predicate,
Type: predicateType,
Digest: h.Hex,
Repo: digest.Repository.String(),
})
if err != nil {
return err
Expand Down
31 changes: 11 additions & 20 deletions pkg/cosign/attestation/attestation.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,7 @@ package attestation
import (
"encoding/json"
"fmt"
"io/ioutil"
"path/filepath"
"io"
"reflect"
"strings"
"time"
Expand All @@ -41,8 +40,8 @@ type CosignPredicate struct {

// GenerateOpts specifies the options of the Statement generator.
type GenerateOpts struct {
// Path is the given path to the predicate file.
Path string
// Predicate is the source of bytes (e.g. a file) to use as the statement's predicate.
Predicate io.Reader
// Type is the pre-defined enums (provenance|link|spdx).
// default: custom
Type string
Expand All @@ -55,24 +54,25 @@ type GenerateOpts struct {
Time func() time.Time
}

// GenerateStatement returns corresponding Predicate (custom|provenance|spdx|link)
// based on the type you specified.
// GenerateStatement returns an in-toto statement based on the provided
// predicate type (custom|slsaprovenance|spdx|link).
func GenerateStatement(opts GenerateOpts) (interface{}, error) {
rawPayload, err := readPayload(opts.Path)
predicate, err := io.ReadAll(opts.Predicate)
if err != nil {
return nil, err
}

switch opts.Type {
case "slsaprovenance":
return generateSLSAProvenanceStatement(rawPayload, opts.Digest, opts.Repo)
return generateSLSAProvenanceStatement(predicate, opts.Digest, opts.Repo)
case "spdx":
return generateSPDXStatement(rawPayload, opts.Digest, opts.Repo)
return generateSPDXStatement(predicate, opts.Digest, opts.Repo)
case "link":
return generateLinkStatement(rawPayload, opts.Digest, opts.Repo)
return generateLinkStatement(predicate, opts.Digest, opts.Repo)
default:
stamp := timestamp(opts)
predicateType := customType(opts)
return generateCustomStatement(rawPayload, predicateType, opts.Digest, opts.Repo, stamp)
return generateCustomStatement(predicate, predicateType, opts.Digest, opts.Repo, stamp)
}
}

Expand Down Expand Up @@ -106,7 +106,6 @@ func generateStatementHeader(digest, repo, predicateType string) in_toto.Stateme
}
}

//
func generateCustomStatement(rawPayload []byte, customType, digest, repo, timestamp string) (interface{}, error) {
payload, err := generateCustomPredicate(rawPayload, customType, timestamp)
if err != nil {
Expand Down Expand Up @@ -176,14 +175,6 @@ func generateSPDXStatement(rawPayload []byte, digest string, repo string) (inter
}, nil
}

func readPayload(predicatePath string) ([]byte, error) {
rawPayload, err := ioutil.ReadFile(filepath.Clean(predicatePath))
if err != nil {
return nil, errors.Wrap(err, "payload from file")
}
return rawPayload, nil
}

func checkRequiredJSONFields(rawPayload []byte, typ reflect.Type) error {
var tmp map[string]interface{}
if err := json.Unmarshal(rawPayload, &tmp); err != nil {
Expand Down