-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathresultset.go
More file actions
90 lines (72 loc) · 2.46 KB
/
resultset.go
File metadata and controls
90 lines (72 loc) · 2.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// SPDX-FileCopyrightText: Copyright 2025 Carabiner Systems, Inc
// SPDX-License-Identifier: Apache-2.0
package predicates
import (
"encoding/json"
"github.com/carabiner-dev/attestation"
"google.golang.org/protobuf/encoding/protojson"
v1 "github.com/carabiner-dev/policy/api/v1"
)
// Ensure we are implementing the attestation framework predicate interface
var _ attestation.Predicate = (*ResultSet)(nil)
const PredicateTypeResultSet attestation.PredicateType = "https://carabiner.dev/ampel/resultset/v0"
// Result (or rather predicates.ResultSet) is a wrapper around the policyset
// evaluation results proto message that ampel generates with --attest
type ResultSet struct {
Parsed *v1.ResultSet
Data []byte
verification attestation.Verification
origin attestation.Subject
}
// GetOrigin calls the underlying method of the same name
func (r *ResultSet) GetOrigin() attestation.Subject {
return r.origin
}
// SetOrigin calls the underlying method of the same name
func (r *ResultSet) SetOrigin(origin attestation.Subject) {
r.origin = origin
}
func (r *ResultSet) SetType(attestation.PredicateType) error {
return nil
}
func (r *ResultSet) GetType() attestation.PredicateType {
return PredicateTypeResultSet
}
// SetVerification gets the signature verification data from the envelope
// parser before discarding the envelope. This is supposed the be stored
// for later retrieval.
func (r *ResultSet) SetVerification(verification attestation.Verification) {
r.verification = verification
}
// GetVerification returns the signature verification generated from the
// envelope parser. The verification may contain details about the integrity,
// identity and signature guarding the PolicySet.
func (r *ResultSet) GetVerification() attestation.Verification {
return r.verification
}
// GetParsed returns the Go policy object.
func (r *ResultSet) GetParsed() any {
return r.Parsed
}
// GetData returns the policy data serialized as JSON.
func (r *ResultSet) GetData() []byte {
if r.Data != nil {
return r.Data
}
data, err := protojson.Marshal(r.Parsed)
if err != nil {
return nil
}
r.Data = data
return data
}
// MarshalJSON implements the JSON marshaler interface. It reuses any pre
// parsed data already stored in the predicate.
func (r *ResultSet) MarshalJSON() ([]byte, error) {
// If the predicate was already marshalled, reuse the output
if r.Data != nil {
return r.Data, nil
}
// Otherwise, marshal the value
return json.Marshal(r.Parsed)
}