experiment with table output

Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 09:04:42 -07:00 · 2024-11-20 09:04:42 -07:00 · a170c91c6d
commit a170c91c6d
parent 08a66f5383
3 changed files with 43 additions and 1 deletions
--- a/pkg/cmd/attestation/io/handler.go
+++ b/pkg/cmd/attestation/io/handler.go
@ -29,6 +29,10 @@ func NewTestHandler() *Handler {
 	return NewHandler(testIO)
 }

+func (h *Handler) DebugEnabled() bool {
+	return h.debugEnabled
+}
+
 // Printf writes the formatted arguments to the stderr writer.
 func (h *Handler) Printf(f string, v ...interface{}) (int, error) {
 	if !h.IO.IsStdoutTTY() {
--- a/pkg/cmd/attestation/verification/policy.go
+++ b/pkg/cmd/attestation/verification/policy.go
@ -76,3 +76,30 @@ The following policy criteria will be enforced against all attestations:

 	return info
 }
+
+func (c EnforcementCriteria) BuildPolicyInformationForTable() [][]string {
+	predicateInfo := []string{"Predicate type", c.PredicateType}
+	issuerInfo := []string{"Issuer", c.Certificate.Issuer}
+	ownerURIInfo := []string{"SourceRepositoryOwnerURI", c.Certificate.SourceRepositoryOwnerURI}
+	info := [][]string{predicateInfo, issuerInfo, ownerURIInfo}
+
+	if c.Certificate.SourceRepositoryURI != "" {
+		sourceRepoURIInfo := []string{"SourceRepositoryURI", c.Certificate.SourceRepositoryURI}
+		info = append(info, sourceRepoURIInfo)
+	}
+
+	if c.Certificate.RunnerEnvironment == GitHubRunner {
+		runnerInfo := []string{"RunnerEnvironment", c.Certificate.RunnerEnvironment}
+		info = append(info, runnerInfo)
+	}
+
+	if c.SAN != "" {
+		sanInfo := []string{"SAN", c.SAN}
+		info = append(info, sanInfo)
+	} else if c.SANRegex != "" {
+		sanRegexInfo := []string{"SANRegex", c.SANRegex}
+		info = append(info, sanRegexInfo)
+	}
+
+	return info
+}
--- a/pkg/cmd/attestation/verify/verify.go
+++ b/pkg/cmd/attestation/verify/verify.go
@ -243,7 +243,18 @@ func runVerify(opts *Options) error {
 	attestations = filteredAttestations

 	// print information about the policy that will be enforced against attestations
-	opts.Logger.Println(ec.BuildPolicyInformation())
+	if opts.Logger.DebugEnabled() {
+		policyTableInfo := ec.BuildPolicyInformationForTable()
+		headers := []string{"attribute", "must match"}
+		opts.Logger.Println("")
+		if err = opts.Logger.PrintTable(headers, policyTableInfo); err != nil {
+			opts.Logger.Println(opts.Logger.ColorScheme.Red("failed to print policy information to table"))
+			return err
+		}
+		opts.Logger.Println("")
+	} else {
+		opts.Logger.Println(ec.BuildPolicyInformation())
+	}

 	sp, err := buildSigstoreVerifyPolicy(ec, *artifact)
 	if err != nil {