STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
cli/pkg/cmd/attestation/api/attestation.go
Kynan Ware 8f7e98c6f6 Add godoc comments to exported symbols in pkg/cmd/attestation 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-04 15:53:47 -07:00

65 lines
2.1 KiB
Go
Raw Blame History

package api
import (
"encoding/json"
"errors"
"fmt"
"github.com/sigstore/sigstore-go/pkg/bundle"
)
const (
// GetAttestationByRepoAndSubjectDigestPath is the API path for fetching attestations by repo and digest.
GetAttestationByRepoAndSubjectDigestPath = "repos/%s/attestations/%s"
// GetAttestationByOwnerAndSubjectDigestPath is the API path for fetching attestations by owner and digest.
GetAttestationByOwnerAndSubjectDigestPath = "orgs/%s/attestations/%s"
)
// ErrNoAttestationsFound is returned when no attestations are found for a given digest.
var ErrNoAttestationsFound = errors.New("no attestations found")
// Attestation represents a single attestation bundle with its metadata.
type Attestation struct {
Bundle *bundle.Bundle `json:"bundle"`
BundleURL string `json:"bundle_url"`
Initiator string `json:"initiator"`
}
// AttestationsResponse wraps a list of attestations returned by the API.
type AttestationsResponse struct {
Attestations []*Attestation `json:"attestations"`
}
// IntotoStatement represents a minimal in-toto statement with a predicate type.
type IntotoStatement struct {
PredicateType string `json:"predicateType"`
}
// FilterAttestations returns only attestations matching the given predicate type.
func FilterAttestations(predicateType string, attestations []*Attestation) ([]*Attestation, error) {
filteredAttestations := []*Attestation{}
for _, each := range attestations {
dsseEnvelope := each.Bundle.GetDsseEnvelope()
if dsseEnvelope != nil {
if dsseEnvelope.PayloadType != "application/vnd.in-toto+json" {
// Don't fail just because an entry isn't intoto
continue
}
var intotoStatement IntotoStatement
if err := json.Unmarshal([]byte(dsseEnvelope.Payload), &intotoStatement); err != nil {
// Don't fail just because a single entry can't be unmarshalled
continue
}
if intotoStatement.PredicateType == predicateType {
filteredAttestations = append(filteredAttestations, each)
}
}
}
if len(filteredAttestations) == 0 {
return nil, fmt.Errorf("no attestations found with predicate type: %s", predicateType)
}
return filteredAttestations, nil
}
Reference in a new issue View git blame Copy permalink