diff --git a/pkg/cmd/attestation/github/attestation.go b/pkg/cmd/attestation/github/attestation.go new file mode 100644 index 000000000..4f48dd4ad --- /dev/null +++ b/pkg/cmd/attestation/github/attestation.go @@ -0,0 +1,33 @@ +package github + +import ( + "fmt" + + "github.com/sigstore/sigstore-go/pkg/bundle" +) + +const ( + GetAttestationByRepoAndSubjectDigestPath = "repos/%s/attestations/%s" + GetAttestationByOwnerAndSubjectDigestPath = "orgs/%s/attestations/%s" +) + +type ErrNoAttestations struct { + name string + digest string +} + +func (e ErrNoAttestations) Error() string { + return fmt.Sprintf("no attestations found for digest %s in %s", e.name, e.digest) +} + +func newErrNoAttestations(name, digest string) ErrNoAttestations { + return ErrNoAttestations{name, digest} +} + +type Attestation struct { + Bundle *bundle.ProtobufBundle `json:"bundle"` +} + +type AttestationsResponse struct { + Attestations []*Attestation `json:"attestations"` +} diff --git a/pkg/cmd/attestation/github/client.go b/pkg/cmd/attestation/github/client.go new file mode 100644 index 000000000..13688a5f4 --- /dev/null +++ b/pkg/cmd/attestation/github/client.go @@ -0,0 +1,19 @@ +package github + +import "github.com/cli/cli/v2/api" + +type Client interface { + GetByRepoAndDigest(repo, digest string, limit int) ([]*Attestation, error) + GetByOwnerAndDigest(owner, digest string, limit int) ([]*Attestation, error) +} + +type LiveClient struct { + apiClient api.Client +} + +func NewLiveClient() (*LiveClient, error) { + apiClient := api.NewClientFromHTTP(httpClient) + return &LiveClient{ + apiClient: apiClient, + }, nil +} diff --git a/pkg/cmd/attestation/verify/verify.go b/pkg/cmd/attestation/verify/verify.go index a4662df6b..3ced61b89 100644 --- a/pkg/cmd/attestation/verify/verify.go +++ b/pkg/cmd/attestation/verify/verify.go @@ -86,9 +86,6 @@ func NewVerifyCmd(f *cmdutil.Factory) *cobra.Command { // when RunE is used, the command usage will be printed // We only want to print the error, not usage Run: func(cmd *cobra.Command, args []string) { - // Configure the GitHub API client - apiClient := api.NewClientFromHTTP(httpClient) - if err := runVerify(opts); err != nil { opts.Logger.Println(opts.Logger.ColorScheme.Redf("Failed to verify the artifact: %s", err.Error())) os.Exit(1)