Skip to content

Commit

Permalink
feat: add git refs to go witness git attestor
Browse files Browse the repository at this point in the history
this enables witness to track git refs

Co-authored-by: Nick Kane <[email protected]>
  • Loading branch information
kriscoleman and nkane authored Jun 5, 2024
1 parent 94c5d38 commit c99227e
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 3 deletions.
2 changes: 1 addition & 1 deletion archivista/store.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import (
)

func (c *Client) Store(ctx context.Context, env dsse.Envelope) (string, error) {
resp, err := archivistaapi.Upload(ctx, c.url, env)
resp, err := archivistaapi.Store(ctx, c.url, env)
if err != nil {
return "", err
}
Expand Down
10 changes: 10 additions & 0 deletions attestation/git/git.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ type Attestor struct {
Refs []string `json:"refs,omitempty"`
Remotes []string `json:"remotes,omitempty"`
Tags []Tag `json:"tags,omitempty"`
RefNameShort string `json:"branch,omitempty"`
}

func New() *Attestor {
Expand Down Expand Up @@ -184,6 +185,7 @@ func (a *Attestor) Attest(ctx *attestation.AttestationContext) error {
a.CommitDate = commit.Author.When.String()
a.CommitMessage = commit.Message
a.Signature = commit.PGPSignature
a.RefNameShort = head.Name().Short()

for _, parent := range commit.ParentHashes {
a.ParentHashes = append(a.ParentHashes, parent.String())
Expand Down Expand Up @@ -289,6 +291,14 @@ func (a *Attestor) Subjects() map[string]cryptoutil.DigestSet {
subjects[subjectName] = ds
}

// add refname short
subjectName = fmt.Sprintf("refnameshort:%v", a.RefNameShort)
ds, err = cryptoutil.CalculateDigestSetFromBytes([]byte(a.RefNameShort), hashes)
if err != nil {
return nil
}
subjects[subjectName] = ds

return subjects
}

Expand Down
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ require (
github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.6 // indirect
github.com/letsencrypt/boulder v0.0.0-20240226214708-a97e074b5a3e // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -225,8 +225,8 @@ github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4
github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
github.com/klauspost/compress v1.17.6 h1:60eq2E/jlfwQXtvZEeBUYADs+BwKBWURIY+Gj2eRGjI=
github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
Expand Down

0 comments on commit c99227e

Please sign in to comment.