From 67ac04bd1cdd27c9aaced72bf85c38a1255f2b48 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Thu, 14 Mar 2024 22:15:15 -0600
Subject: [PATCH] remove unneeded embedded file system

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 pkg/cmd/attestation/verification/tuf.go | 27 ++++---------------------
 1 file changed, 4 insertions(+), 23 deletions(-)

diff --git a/pkg/cmd/attestation/verification/tuf.go b/pkg/cmd/attestation/verification/tuf.go
index 2f24ec119..b92f2bf5a 100644
--- a/pkg/cmd/attestation/verification/tuf.go
+++ b/pkg/cmd/attestation/verification/tuf.go
@@ -1,31 +1,17 @@
 package verification
 
 import (
-	"embed"
-	"fmt"
+	_ "embed"
 	"os"
 
 	"github.com/sigstore/sigstore-go/pkg/tuf"
 )
 
-//go:embed embed
-var embeddedRepos embed.FS
+//go:embed embed/tuf-repo.github.com/root.json
+var githubRoot []byte
 
 const GitHubTUFMirror = "https://tuf-repo.github.com"
 
-// readEmbeddedRoot reads the embedded trust anchor for the given URL
-func readEmbeddedRoot(url string) ([]byte, error) {
-	// the embed file system always uses forward slashes, even on Windows
-	p := fmt.Sprintf("embed/%s/root.json", tuf.URLToPath(url))
-
-	b, err := embeddedRepos.ReadFile(p)
-	if err != nil {
-		return nil, err
-	}
-
-	return b, nil
-}
-
 func DefaultOptionsWithCacheSetting() *tuf.Options {
 	opts := tuf.DefaultOptions()
 
@@ -43,12 +29,7 @@ func DefaultOptionsWithCacheSetting() *tuf.Options {
 func GitHubTUFOptions() (*tuf.Options, error) {
 	opts := DefaultOptionsWithCacheSetting()
 
-	// replace root and mirror url
-	root, err := readEmbeddedRoot(GitHubTUFMirror)
-	if err != nil {
-		return nil, err
-	}
-	opts.Root = root
+	opts.Root = githubRoot
 	opts.RepositoryBaseURL = GitHubTUFMirror
 
 	return opts, nil