Skip to content

Commit

Permalink
fixup! feat: Enable Witness Policy verify from Archivista
Browse files Browse the repository at this point in the history
Signed-off-by: Kairo Araujo <[email protected]>
  • Loading branch information
kairoaraujo committed May 3, 2024
1 parent b6acb3a commit adc1318
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 18 deletions.
4 changes: 3 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ bin/
build/
vendor/
.dccache
.vscode
.profile.cov
test/testapp
test/test-attestation.json
test/policy-signed.json
Expand All @@ -15,4 +17,4 @@ sarif-report.json
test/log
node_modules
.DS_Store
docs-website/.docusaurus
docs-website/.docusaurus
5 changes: 3 additions & 2 deletions cmd/verify.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,9 @@ import (
"github.com/in-toto/go-witness/cryptoutil"
"github.com/in-toto/go-witness/log"
"github.com/in-toto/go-witness/source"
archivista_client "github.com/in-toto/witness/internal/archivista"
"github.com/in-toto/witness/internal/policy"
"github.com/in-toto/witness/options"
"github.com/in-toto/witness/pkg"
"github.com/spf13/cobra"
)

Expand Down Expand Up @@ -95,7 +96,7 @@ func runVerify(ctx context.Context, vo options.VerifyOptions, verifiers ...crypt
verifiers = append(verifiers, v)
}

policyEnvelope, err := pkg.LoadPolicy(ctx, vo.PolicyFilePath, pkg.NewArchivistaClient(vo.ArchivistaOptions.Url, archivistaClient))
policyEnvelope, err := policy.LoadPolicy(ctx, vo.PolicyFilePath, archivista_client.NewArchivistaClient(vo.ArchivistaOptions.Url, archivistaClient))
if err != nil {
return fmt.Errorf("failed to load policy: %w", err)
}
Expand Down
18 changes: 9 additions & 9 deletions pkg/archivista.go → internal/archivista/archivista.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.

package pkg
package archivista

import (
"context"
Expand All @@ -21,38 +21,38 @@ import (
"github.com/in-toto/go-witness/dsse"
)

type archivistaClient struct {
type aClient struct {
url string
client ArchivistaClienter
client Clienter
}

// Define Client Interface for Archivista
type ArchivistaClienter interface {
type Clienter interface {
Download(ctx context.Context, gitoid string) (dsse.Envelope, error)
Store(ctx context.Context, env dsse.Envelope) (string, error)
SearchGitoids(ctx context.Context, vars archivista.SearchGitoidVariables) ([]string, error)
}

func NewArchivistaClient(url string, client *archivista.Client) ArchivistaClienter {
func NewArchivistaClient(url string, client *archivista.Client) Clienter {

if client == nil {
return nil
}

return &archivistaClient{
return &aClient{
url: url,
client: client,
}
}

func (ac *archivistaClient) Download(ctx context.Context, gitoid string) (dsse.Envelope, error) {
func (ac *aClient) Download(ctx context.Context, gitoid string) (dsse.Envelope, error) {
return ac.client.Download(ctx, gitoid)
}

func (ac *archivistaClient) Store(ctx context.Context, env dsse.Envelope) (string, error) {
func (ac *aClient) Store(ctx context.Context, env dsse.Envelope) (string, error) {
return ac.client.Store(ctx, env)
}

func (ac *archivistaClient) SearchGitoids(ctx context.Context, vars archivista.SearchGitoidVariables) ([]string, error) {
func (ac *aClient) SearchGitoids(ctx context.Context, vars archivista.SearchGitoidVariables) ([]string, error) {
return ac.client.SearchGitoids(ctx, vars)
}
7 changes: 4 additions & 3 deletions pkg/policy.go → internal/policy/policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.

package pkg
package policy

import (
"context"
Expand All @@ -22,12 +22,13 @@ import (

"github.com/in-toto/go-witness/dsse"
"github.com/in-toto/go-witness/log"
"github.com/in-toto/witness/internal/archivista"
)

// Load policy from a file or Archivista
//
// It prefers to load from a file, if it fails, it tries to load from Archivista
func LoadPolicy(ctx context.Context, policy string, ac ArchivistaClienter) (dsse.Envelope, error) {
func LoadPolicy(ctx context.Context, policy string, ac archivista.Clienter) (dsse.Envelope, error) {
policyEnvelope := dsse.Envelope{}

filePolicy, err := os.Open(policy)
Expand All @@ -41,7 +42,7 @@ func LoadPolicy(ctx context.Context, policy string, ac ArchivistaClienter) (dsse
if err != nil {
return policyEnvelope, fmt.Errorf("failed to fetch policy from archivista: %w", err)
}
log.Debug("folicy " + policy + " downloaded from archivista")
log.Debug("policy " + policy + " downloaded from archivista")
}

} else {
Expand Down
7 changes: 4 additions & 3 deletions pkg/policy_test.go → internal/policy/policy_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,22 +12,23 @@
// See the License for the specific language governing permissions and
// limitations under the License.

package pkg
package policy

import (
"context"
"errors"
"testing"

"github.com/in-toto/go-witness/dsse"
"github.com/in-toto/witness/internal/archivista"
"github.com/stretchr/testify/mock"
"github.com/stretchr/testify/suite"
)

// Mock archivista client
type ArchivistaClienterMock struct {
mock.Mock
ArchivistaClienter
archivista.Clienter
}

func (m *ArchivistaClienterMock) Download(ctx context.Context, path string) (dsse.Envelope, error) {
Expand All @@ -54,7 +55,7 @@ func (ut *UTPolicySuite) SetupTest() {
// Test LoadPolicy with file
func (ut *UTPolicySuite) TestLoadPolicyFile() {
ctx := context.Background()
policy := "../test/policy-hello-signed.json"
policy := "../../test/policy-hello-signed.json"

// Load policy from file
policyEnvelope, err := LoadPolicy(ctx, policy, nil)
Expand Down

0 comments on commit adc1318

Please sign in to comment.