From 5462df5e7bab571fe1cdea3646835600c5f41682 Mon Sep 17 00:00:00 2001 From: Meredith Lancaster Date: Fri, 1 Mar 2024 16:31:23 -0700 Subject: [PATCH] start pulling in the github api client wrapper Signed-off-by: Meredith Lancaster --- pkg/cmd/attestation/github/attestation.go | 33 +++++++++++++++++++++++ pkg/cmd/attestation/github/client.go | 19 +++++++++++++ pkg/cmd/attestation/verify/verify.go | 3 --- 3 files changed, 52 insertions(+), 3 deletions(-) create mode 100644 pkg/cmd/attestation/github/attestation.go create mode 100644 pkg/cmd/attestation/github/client.go diff --git a/pkg/cmd/attestation/github/attestation.go b/pkg/cmd/attestation/github/attestation.go new file mode 100644 index 000000000..4f48dd4ad --- /dev/null +++ b/pkg/cmd/attestation/github/attestation.go @@ -0,0 +1,33 @@ +package github + +import ( + "fmt" + + "github.com/sigstore/sigstore-go/pkg/bundle" +) + +const ( + GetAttestationByRepoAndSubjectDigestPath = "repos/%s/attestations/%s" + GetAttestationByOwnerAndSubjectDigestPath = "orgs/%s/attestations/%s" +) + +type ErrNoAttestations struct { + name string + digest string +} + +func (e ErrNoAttestations) Error() string { + return fmt.Sprintf("no attestations found for digest %s in %s", e.name, e.digest) +} + +func newErrNoAttestations(name, digest string) ErrNoAttestations { + return ErrNoAttestations{name, digest} +} + +type Attestation struct { + Bundle *bundle.ProtobufBundle `json:"bundle"` +} + +type AttestationsResponse struct { + Attestations []*Attestation `json:"attestations"` +} diff --git a/pkg/cmd/attestation/github/client.go b/pkg/cmd/attestation/github/client.go new file mode 100644 index 000000000..13688a5f4 --- /dev/null +++ b/pkg/cmd/attestation/github/client.go @@ -0,0 +1,19 @@ +package github + +import "github.com/cli/cli/v2/api" + +type Client interface { + GetByRepoAndDigest(repo, digest string, limit int) ([]*Attestation, error) + GetByOwnerAndDigest(owner, digest string, limit int) ([]*Attestation, error) +} + +type LiveClient struct { + apiClient api.Client +} + +func NewLiveClient() (*LiveClient, error) { + apiClient := api.NewClientFromHTTP(httpClient) + return &LiveClient{ + apiClient: apiClient, + }, nil +} diff --git a/pkg/cmd/attestation/verify/verify.go b/pkg/cmd/attestation/verify/verify.go index a4662df6b..3ced61b89 100644 --- a/pkg/cmd/attestation/verify/verify.go +++ b/pkg/cmd/attestation/verify/verify.go @@ -86,9 +86,6 @@ func NewVerifyCmd(f *cmdutil.Factory) *cobra.Command { // when RunE is used, the command usage will be printed // We only want to print the error, not usage Run: func(cmd *cobra.Command, args []string) { - // Configure the GitHub API client - apiClient := api.NewClientFromHTTP(httpClient) - if err := runVerify(opts); err != nil { opts.Logger.Println(opts.Logger.ColorScheme.Redf("Failed to verify the artifact: %s", err.Error())) os.Exit(1)