-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpolicygroup.go
More file actions
96 lines (77 loc) · 2.59 KB
/
policygroup.go
File metadata and controls
96 lines (77 loc) · 2.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
// SPDX-FileCopyrightText: Copyright 2025 Carabiner Systems, Inc
// SPDX-License-Identifier: Apache-2.0
package predicates
import (
"encoding/json"
"github.com/carabiner-dev/attestation"
"google.golang.org/protobuf/encoding/protojson"
v1 "github.com/carabiner-dev/policy/api/v1"
)
// Ensure we are implementing the attestation framework predicate interface
var _ attestation.Predicate = (*PolicyGroup)(nil)
const PredicateTypePolicyGroup attestation.PredicateType = "https://carabiner.dev/ampel/policygroup/v0"
// Policy (or rather predicate.Policy) is a wrapper around the policy proto
// message that implements the ampel attestation predicate interface.
type PolicyGroup struct {
Parsed *v1.PolicyGroup
Data []byte
verification attestation.Verification
}
// GetOrigin calls the underlying method of the same name
func (grp *PolicyGroup) GetOrigin() attestation.Subject {
if grp.Parsed == nil {
return nil
}
return grp.Parsed.GetOrigin()
}
// SetOrigin calls the underlying method of the same name
func (grp *PolicyGroup) SetOrigin(origin attestation.Subject) {
if grp.Parsed == nil {
return
}
grp.Parsed.SetOrigin(origin)
}
// GetVerification returns the signature verification generated from the
// envelope parser. The verification may contain details about the integrity,
// identity and signature guarding the PolicyGroup.
func (grp *PolicyGroup) GetVerification() attestation.Verification {
return grp.verification
}
// SetVerification gets the signature verification data from the envelope
// parser before discarding the envelope. This is supposed the be stored
// for later retrieval.
func (grp *PolicyGroup) SetVerification(verification attestation.Verification) {
grp.verification = verification
}
// GetParsed returns the Go policy object.
func (grp *PolicyGroup) GetParsed() any {
return grp.Parsed
}
// GetData returns the policy data serialized as JSON.
func (grp *PolicyGroup) GetData() []byte {
if grp.Data != nil {
return grp.Data
}
data, err := protojson.Marshal(grp.Parsed)
if err != nil {
return nil
}
grp.Data = data
return data
}
// MarshalJSON implements the JSON marshaler interface. It reuses any pre
// parsed data already stored in the predicate.
func (grp *PolicyGroup) MarshalJSON() ([]byte, error) {
// If the predicate was already marshalled, reuse the output
if grp.Data != nil {
return grp.Data, nil
}
// Otherwise, marshal the value
return json.Marshal(grp.Parsed)
}
func (grp *PolicyGroup) SetType(attestation.PredicateType) error {
return nil
}
func (grp *PolicyGroup) GetType() attestation.PredicateType {
return PredicateTypePolicyGroup
}