From b65c942e1f9fc7e00f0ee4b75604bc05980acb3f Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Wed, 6 Nov 2024 09:45:03 -0700
Subject: [PATCH] update verification slice building

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 pkg/cmd/attestation/verification/sigstore.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/pkg/cmd/attestation/verification/sigstore.go b/pkg/cmd/attestation/verification/sigstore.go
index 825f9da1c..86000405b 100644
--- a/pkg/cmd/attestation/verification/sigstore.go
+++ b/pkg/cmd/attestation/verification/sigstore.go
@@ -203,7 +203,8 @@ func (v *LiveSigstoreVerifier) Verify(attestations []*api.Attestation, policy ve
 		return nil, ErrNoAttestationsVerified
 	}
 
-	results := make([]*AttestationProcessingResult, 0)
+	results := make([]*AttestationProcessingResult, len(attestations))
+	var verifyCount int
 	var lastError error
 	totalAttestations := len(attestations)
 	for i, a := range attestations {
@@ -215,13 +216,17 @@ func (v *LiveSigstoreVerifier) Verify(attestations []*api.Attestation, policy ve
 			// move onto the next attestation in the for loop if verification fails
 			continue
 		}
-		results = append(results, apr)
+		results[verifyCount] = apr
+		verifyCount++
 	}
 
-	if len(results) == 0 {
+	if verifyCount == 0 {
 		return nil, lastError
 	}
 
+	// truncate the results slice to only include verified attestations
+	results = results[:verifyCount]
+
 	return results, nil
 }