CLI fails to discover material type with OCI charts

[jiparis]

Trying to attest an OCI chart ends up discovering an STRING material type, but it should be HELM_CHART instead.
Running it in debug mode:

> cl att add --value ghcr.io/chainloop-dev/charts:latest --debug --token $(cat token.txt )
DBG Telemetry enabled, to disable it use DO_NOT_TRACK=1
DBG loading state state=file:///var/folders/ls/cv3k03v57ns18mmwjjbgy8z00000gn/T/chainloop-attestation.tmp.json
DBG loaded state state=file:///var/folders/ls/cv3k03v57ns18mmwjjbgy8z00000gn/T/chainloop-attestation.tmp.json
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=OPENVEX
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=SBOM_CYCLONEDX_JSON
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=SBOM_SPDX_JSON
DBG decoding CSAF file path=ghcr.io/chainloop-dev/charts:latest
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory - unexpected material type" kind=CSAF_VEX
DBG decoding CSAF file path=ghcr.io/chainloop-dev/charts:latest
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory - unexpected material type" kind=CSAF_INFORMATIONAL_ADVISORY
DBG decoding CSAF file path=ghcr.io/chainloop-dev/charts:latest
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory - unexpected material type" kind=CSAF_SECURITY_ADVISORY
DBG decoding CSAF file path=ghcr.io/chainloop-dev/charts:latest
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory - unexpected material type" kind=CSAF_SECURITY_INCIDENT_RESPONSE
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=JUNIT_XML
DBG failed to add material error="crafting material: can't open the file: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=HELM_CHART
DBG retrieving container image digest from remote name=ghcr.io/chainloop-dev/charts:latest
DBG failed to add material error="crafting material: GET https://ghcr.io/token?scope=repository%3Achainloop-dev%2Fcharts%3Apull&service=ghcr.io: DENIED: requested access to the resource is denied" kind=CONTAINER_IMAGE
DBG decoding SARIF file path=ghcr.io/chainloop-dev/charts:latest
DBG error decoding file error="the provided file path doesn't have a file"
DBG failed to add material error="crafting material: invalid SARIF file: unexpected material type" kind=SARIF
DBG failed to add material error="crafting material: artifact file cannot be read: open ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=ATTESTATION
DBG failed to add material error="crafting material: getting file stats: stat ghcr.io/chainloop-dev/charts:latest: no such file or directory" kind=ARTIFACT
DBG added to state key=material-1717598767208318000
INF material kind detected kind=STRING
INF material added to attestation

[javirln]

The reason being on this behavior is the fact that the Chart crafter does not try to download anything instead, it tries to validate what's found on the system.