WIP commit
matglas committed May 8, 2024
1 parent 577831c commit 1e93f4d
Showing 2 changed files with 57 additions and 4 deletions.
49 changes: 46 additions & 3 deletions src/attestor/attestor.go
@@ -1,9 +1,12 @@
package attestor

Check failure on line 1 in src/attestor/attestor.go

GitHub Actions / lint

: # github.com/thought-machine/please/src/attestor

import (
"encoding/hex"
"encoding/json"
"log"

Check failure on line 6 in src/attestor/attestor.go

GitHub Actions / lint

"log" imported and not used

Check failure on line 6 in src/attestor/attestor.go

GitHub Actions / lint

"log" imported and not used

prov "github.com/in-toto/attestation/go/predicates/provenance/v1"
attestation "github.com/in-toto/attestation/go/v1"
// v1 "github.com/in-toto/attestation/go/v1"
"google.golang.org/protobuf/types/known/structpb"

@@ -18,11 +21,10 @@ const (
DefaultBuilderId = "https://please.build/[email protected]"
)



type Provenance struct {
PbProvenance prov.Provenance
// products map[string]string
// subjects map[string]string
// export bool
}

func New() *Provenance {
@@ -57,7 +59,18 @@ func (p *Provenance) Attest(targets, preTargets []core.BuildLabel, state *core.B
}

// External Parameters
externalParam := make(map[string]interface{})

targetNames := make([]interface{}, 0)
for _, v := range targets {
targetNames = append(targetNames, v.String())
}
externalParam["targets"] = targetNames

p.PbProvenance.BuildDefinition.ExternalParameters, err = structpb.NewStruct(externalParam)
if err != nil {
return err
}

// Resolved Dependencies

@@ -66,10 +79,40 @@ func (p *Provenance) Attest(targets, preTargets []core.BuildLabel, state *core.B


// Subjects
subjects, err := p.Subjects(targets, state)

Check failure on line 82 in src/attestor/attestor.go

GitHub Actions / lint

subjects declared and not used (typecheck)

Check failure on line 82 in src/attestor/attestor.go

GitHub Actions / lint

subjects declared and not used) (typecheck)
if err != nil {
return err
}

return nil
}

func (p *Provenance) MarshalJSON() ([]byte, error) {
return json.Marshal(&p.PbProvenance)
}

func (p *Provenance) Subjects(targets []core.BuildLabel, state *core.BuildState) ([]*attestation.ResourceDescriptor, error) {
subjects := []*attestation.ResourceDescriptor{}

for _, label := range targets {
p := state.SyncParsePackage(label)
outputs := p.Target(label.Name).FullOutputs()

for _, outputItem := range outputs {
hash, err := state.PathHasher.Hash(outputItem, false, false, false)
if err != nil {
return nil, err
}

subject := &attestation.ResourceDescriptor{}
subject.Name = outputItem
subject.Digest = map[string]string{
state.PathHasher.AlgoName(): hex.EncodeToString(hash),
}

subjects = append(subjects, subject)
}

}
return subjects, nil
}
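Review bot: In `Subjects`, the digest map is keyed by `state.PathHasher.AlgoName()` and filled with whatever hash the build is configured to use, so if that can be a non-cryptographic checksum the subject digest gives a verifier no integrity guarantee; attestation should presumably require a collision-resistant algorithm (e.g. `sha256`) and return an error otherwise. In the same loop, `p := state.SyncParsePackage(label)` shadows the receiver, and both it and `p.Target(label.Name)` are dereferenced without a nil check, which looks like a panic for a label that does not resolve; renaming it to `pkg` and returning an error on nil would be safer. `MarshalJSON` passes the protobuf message to `encoding/json`, which uses the generated struct tags rather than the protobuf JSON mapping, so field names may not match what in-toto consumers expect; `protojson.Marshal(&p.PbProvenance)` is the usual choice.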
12 changes: 11 additions & 1 deletion src/plz/plz.go
@@ -92,7 +92,17 @@ func Run(targets, preTargets []core.BuildLabel, state *core.BuildState, config *
state.CloseResults()

prov := attestor.New()
prov.Attest(targets, preTargets, state, config, arch)
err := prov.Attest(targets, preTargets, state, config, arch)
if err != nil {
log.Errorf("%v", err)
}

provenanceJson, err := prov.MarshalJSON()
if err != nil {
log.Errorf("%v", err)
}

log.Infof("%s", provenanceJson)

// TODO: Provenance implementation
// - Sign provenance
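Review bot: A failed `prov.Attest` is only logged, and the code then goes on to marshal and print the provenance, so a partially populated statement can be emitted as if it were valid; for a supply-chain artifact this path should fail closed. Stop before `prov.MarshalJSON()` when `err != nil` (returning or otherwise propagating the error, depending on what `Run` returns outside this hunk), and likewise skip the `log.Infof` when marshalling fails, since `provenanceJson` is then nil. The local would conventionally be spelled `provenanceJSON`. `Run` starts and continues outside this hunk.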