diff --git a/client/client_test.go b/client/client_test.go index 758b74b1dd91..9dd960550822 100644 --- a/client/client_test.go +++ b/client/client_test.go @@ -6329,16 +6329,14 @@ func testExportAttestations(t *testing.T, sb integration.Sandbox) { if err != nil { return nil, err } - res.AddAttestation(pk, &gateway.InTotoAttestation{ - PredicateRef: refAttest, + res.AddInTotoAttestation(pk, &attestation.InTotoAttestation{ PredicatePath: "/attestation.json", PredicateType: "https://example.com/attestations/v1.0", Subjects: []attestation.InTotoSubject{ &attestation.InTotoSubjectSelf{}, }, - }) - res.AddAttestation(pk, &gateway.InTotoAttestation{ - PredicateRef: refAttest, + }, refAttest) + res.AddInTotoAttestation(pk, &attestation.InTotoAttestation{ PredicatePath: "/attestation2.json", PredicateType: "https://example.com/attestations2/v1.0", Subjects: []attestation.InTotoSubject{ @@ -6347,7 +6345,7 @@ func testExportAttestations(t *testing.T, sb integration.Sandbox) { Digest: []digest.Digest{successDigest}, }, }, - }) + }, refAttest) } dt, err := json.Marshal(expPlatforms) diff --git a/exporter/containerimage/writer.go b/exporter/containerimage/writer.go index d9af277dbc93..0d65b5517a14 100644 --- a/exporter/containerimage/writer.go +++ b/exporter/containerimage/writer.go @@ -98,8 +98,12 @@ func (ic *ImageWriter) Commit(ctx context.Context, inp exporter.Source, sessionI return mfstDesc, nil } - if len(p.Platforms) != len(inp.Refs) { - return nil, errors.Errorf("number of platforms does not match references %d %d", len(p.Platforms), len(inp.Refs)) + refCount := len(p.Platforms) + for _, attests := range inp.Attestations { + refCount += len(attests) + } + if refCount != len(inp.Refs) { + return nil, errors.Errorf("number of required refs does not match references %d %d", refCount, len(inp.Refs)) } refs := make([]cache.ImmutableRef, 0, len(inp.Refs)) @@ -166,7 +170,7 @@ func (ic *ImageWriter) Commit(ctx context.Context, inp exporter.Source, sessionI labels[fmt.Sprintf("containerd.io/gc.ref.content.%d", i)] = desc.Digest.String() if attestations, ok := inp.Attestations[p.ID]; ok { - inTotos, err := ic.extractAttestations(ctx, session.NewGroup(sessionID), desc, attestations...) + inTotos, err := ic.extractAttestations(ctx, session.NewGroup(sessionID), desc, inp.Refs, attestations) if err != nil { return nil, err } @@ -244,16 +248,25 @@ func (ic *ImageWriter) exportLayers(ctx context.Context, refCfg cacheconfig.RefC return out, err } -func (ic *ImageWriter) extractAttestations(ctx context.Context, s session.Group, desc *ocispecs.Descriptor, attestations ...exporter.Attestation) ([]intoto.Statement, error) { +func (ic *ImageWriter) extractAttestations(ctx context.Context, s session.Group, desc *ocispecs.Descriptor, refs map[string]cache.ImmutableRef, attestations []attestation.Attestation) ([]intoto.Statement, error) { eg, ctx := errgroup.WithContext(ctx) statements := make([]intoto.Statement, len(attestations)) + if len(attestations) > 0 && refs == nil { + return nil, errors.Errorf("no refs map provided to lookup attestation keys") + } + for i, att := range attestations { i, att := i, att eg.Go(func() error { switch att := att.(type) { - case *exporter.InTotoAttestation: - mount, err := att.PredicateRef.Mount(ctx, true, s) + case *attestation.InTotoAttestation: + ref, ok := refs[att.PredicateRefKey] + if !ok { + return errors.Errorf("key %s not found in refs map", att.PredicateRefKey) + } + + mount, err := ref.Mount(ctx, true, s) if err != nil { return err } @@ -264,7 +277,6 @@ func (ic *ImageWriter) extractAttestations(ctx context.Context, s session.Group, return err } defer lm.Unmount() - predicate, err := os.ReadFile(path.Join(src, att.PredicatePath)) if err != nil { return err diff --git a/exporter/exporter.go b/exporter/exporter.go index aca156f77bf3..925c13c21595 100644 --- a/exporter/exporter.go +++ b/exporter/exporter.go @@ -26,18 +26,5 @@ type Source struct { Ref cache.ImmutableRef Refs map[string]cache.ImmutableRef Metadata map[string][]byte - Attestations map[string][]Attestation + Attestations map[string][]attestation.Attestation } - -type Attestation interface { - isExporterAttestation() -} - -type InTotoAttestation struct { - PredicateType string - PredicateRef cache.ImmutableRef - PredicatePath string - Subjects []attestation.InTotoSubject -} - -func (a *InTotoAttestation) isExporterAttestation() {} diff --git a/exporter/local/export.go b/exporter/local/export.go index 2ff194ca55c1..a3cd9406206f 100644 --- a/exporter/local/export.go +++ b/exporter/local/export.go @@ -2,6 +2,7 @@ package local import ( "context" + "encoding/json" "os" "strings" "time" @@ -9,10 +10,12 @@ import ( "github.com/docker/docker/pkg/idtools" "github.com/moby/buildkit/cache" "github.com/moby/buildkit/exporter" + "github.com/moby/buildkit/exporter/containerimage/exptypes" "github.com/moby/buildkit/session" "github.com/moby/buildkit/session/filesync" "github.com/moby/buildkit/snapshot" "github.com/moby/buildkit/util/progress" + "github.com/pkg/errors" "github.com/tonistiigi/fsutil" fstypes "github.com/tonistiigi/fsutil/types" "golang.org/x/sync/errgroup" @@ -60,6 +63,18 @@ func (e *localExporterInstance) Export(ctx context.Context, inp exporter.Source, isMap := len(inp.Refs) > 0 + platformsBytes, ok := inp.Metadata[exptypes.ExporterPlatformsKey] + if isMap && !ok { + return nil, errors.Errorf("unable to export multiple refs, missing platforms mapping") + } + + var p exptypes.Platforms + if ok && len(platformsBytes) > 0 { + if err := json.Unmarshal(platformsBytes, &p); err != nil { + return nil, errors.Wrapf(err, "failed to parse platforms passed to exporter") + } + } + export := func(ctx context.Context, k string, ref cache.ImmutableRef) func() error { return func() error { var src string @@ -130,8 +145,12 @@ func (e *localExporterInstance) Export(ctx context.Context, inp exporter.Source, eg, ctx := errgroup.WithContext(ctx) if isMap { - for k, ref := range inp.Refs { - eg.Go(export(ctx, k, ref)) + for _, p := range p.Platforms { + r, ok := inp.Refs[p.ID] + if !ok { + return nil, errors.Errorf("failed to find ref for ID %s", p.ID) + } + eg.Go(export(ctx, p.ID, r)) } } else { eg.Go(export(ctx, "", inp.Ref)) diff --git a/exporter/tar/export.go b/exporter/tar/export.go index c09b087969ab..806dbef7f27d 100644 --- a/exporter/tar/export.go +++ b/exporter/tar/export.go @@ -2,6 +2,7 @@ package local import ( "context" + "encoding/json" "os" "strconv" "strings" @@ -10,6 +11,7 @@ import ( "github.com/docker/docker/pkg/idtools" "github.com/moby/buildkit/cache" "github.com/moby/buildkit/exporter" + "github.com/moby/buildkit/exporter/containerimage/exptypes" "github.com/moby/buildkit/session" "github.com/moby/buildkit/session/filesync" "github.com/moby/buildkit/snapshot" @@ -131,12 +133,28 @@ func (e *localExporterInstance) Export(ctx context.Context, inp exporter.Source, }, nil } + platformsBytes, ok := inp.Metadata[exptypes.ExporterPlatformsKey] + if len(inp.Refs) > 0 && !ok { + return nil, errors.Errorf("unable to export multiple refs, missing platforms mapping") + } + + var p exptypes.Platforms + if ok && len(platformsBytes) > 0 { + if err := json.Unmarshal(platformsBytes, &p); err != nil { + return nil, errors.Wrapf(err, "failed to parse platforms passed to exporter") + } + } + var fs fsutil.FS if len(inp.Refs) > 0 { - dirs := make([]fsutil.Dir, 0, len(inp.Refs)) - for k, ref := range inp.Refs { - d, err := getDir(ctx, k, ref) + dirs := make([]fsutil.Dir, 0, len(p.Platforms)) + for _, p := range p.Platforms { + r, ok := inp.Refs[p.ID] + if !ok { + return nil, errors.Errorf("failed to find ref for ID %s", p.ID) + } + d, err := getDir(ctx, p.ID, r) if err != nil { return nil, err } diff --git a/frontend/gateway/client/result.go b/frontend/gateway/client/result.go index 613308eea548..845e3ad588ba 100644 --- a/frontend/gateway/client/result.go +++ b/frontend/gateway/client/result.go @@ -4,31 +4,19 @@ import ( "context" "sync" + "github.com/moby/buildkit/identity" "github.com/moby/buildkit/util/attestation" "github.com/pkg/errors" ) type BuildFunc func(context.Context, Client) (*Result, error) -type Attestation interface { - isClientAttestation() -} - -type InTotoAttestation struct { - PredicateType string - PredicateRef Reference - PredicatePath string - Subjects []attestation.InTotoSubject -} - -func (a *InTotoAttestation) isClientAttestation() {} - type Result struct { mu sync.Mutex Ref Reference Refs map[string]Reference Metadata map[string][]byte - Attestations map[string][]Attestation + Attestations map[string][]attestation.Attestation } func NewResult() *Result { @@ -53,11 +41,13 @@ func (r *Result) AddRef(k string, ref Reference) { r.mu.Unlock() } -func (r *Result) AddAttestation(k string, v Attestation) { +func (r *Result) AddInTotoAttestation(k string, v *attestation.InTotoAttestation, predicateRef Reference) { r.mu.Lock() if r.Attestations == nil { - r.Attestations = map[string][]Attestation{} + r.Attestations = map[string][]attestation.Attestation{} } + v.PredicateRefKey = "attestation:" + identity.NewID() + r.Refs[v.PredicateRefKey] = predicateRef r.Attestations[k] = append(r.Attestations[k], v) r.mu.Unlock() } diff --git a/frontend/gateway/forwarder/forward.go b/frontend/gateway/forwarder/forward.go index bf73e83ab258..e9544987032b 100644 --- a/frontend/gateway/forwarder/forward.go +++ b/frontend/gateway/forwarder/forward.go @@ -18,7 +18,6 @@ import ( llberrdefs "github.com/moby/buildkit/solver/llbsolver/errdefs" opspb "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/apicaps" - "github.com/moby/buildkit/util/attestation" "github.com/moby/buildkit/worker" digest "github.com/opencontainers/go-digest" "github.com/pkg/errors" @@ -85,18 +84,9 @@ func (c *bridgeClient) Solve(ctx context.Context, req client.SolveRequest) (*cli c.refs = append(c.refs, rr) cRes.SetRef(rr) } - for k, as := range res.Attestations { - for _, a := range as { - att, rrs, err := c.newAttestation(a, session.NewGroup(c.sid)) - if err != nil { - return nil, err - } - c.refs = append(c.refs, rrs...) - cRes.AddAttestation(k, att) - } - } c.mu.Unlock() cRes.Metadata = res.Metadata + cRes.Attestations = res.Attestations return cRes, nil } @@ -215,43 +205,7 @@ func (c *bridgeClient) toFrontendResult(r *client.Result) (*frontend.Result, err res.Ref = rr.acquireResultProxy() } res.Metadata = r.Metadata - if r.Attestations != nil { - res.Attestations = make(map[string][]frontend.Attestation) - for k, as := range r.Attestations { - for _, a := range as { - switch a := a.(type) { - case *client.InTotoAttestation: - rr, ok := a.PredicateRef.(*ref) - if !ok { - return nil, errors.Errorf("invalid reference type for forward %T", r) - } - - subjects := make([]attestation.InTotoSubject, len(a.Subjects)) - for i, s := range a.Subjects { - switch s := s.(type) { - case *attestation.InTotoSubjectSelf: - subjects[i] = &attestation.InTotoSubjectSelf{} - case *attestation.InTotoSubjectRaw: - subjects[i] = &attestation.InTotoSubjectRaw{ - Name: s.Name, - Digest: s.Digest, - } - default: - return nil, errors.Errorf("unknown attestation subject type %T", s) - } - } - res.Attestations[k] = append(res.Attestations[k], &frontend.InTotoAttestation{ - PredicateRef: rr.acquireResultProxy(), - PredicatePath: a.PredicatePath, - PredicateType: a.PredicateType, - Subjects: subjects, - }) - default: - return nil, errors.Errorf("unknown attestation type %T", a) - } - } - } - } + res.Attestations = r.Attestations return res, nil } @@ -360,39 +314,6 @@ func (c *bridgeClient) newRef(r solver.ResultProxy, s session.Group) (*ref, erro return &ref{resultProxy: r, session: s, c: c}, nil } -func (c *bridgeClient) newAttestation(a frontend.Attestation, s session.Group) (client.Attestation, []*ref, error) { - switch a := a.(type) { - case *frontend.InTotoAttestation: - rr, err := c.newRef(a.PredicateRef, session.NewGroup(c.sid)) - if err != nil { - return nil, nil, err - } - - subjects := make([]attestation.InTotoSubject, len(a.Subjects)) - for i, subject := range a.Subjects { - switch subject := subject.(type) { - case *attestation.InTotoSubjectSelf: - subjects[i] = &attestation.InTotoSubjectSelf{} - case *attestation.InTotoSubjectRaw: - subjects[i] = &attestation.InTotoSubjectRaw{ - Name: subject.Name, - Digest: subject.Digest, - } - default: - return nil, nil, errors.Errorf("unknown attestation subject type %T", s) - } - } - return &client.InTotoAttestation{ - PredicateType: a.PredicateType, - PredicateRef: rr, - PredicatePath: a.PredicatePath, - Subjects: subjects, - }, []*ref{rr}, nil - default: - return nil, nil, errors.Errorf("unknown attestation type %T", a) - } -} - type ref struct { resultProxy solver.ResultProxy resultProxyClones []solver.ResultProxy diff --git a/frontend/gateway/gateway.go b/frontend/gateway/gateway.go index a2a871a7eb83..598977c21c3d 100644 --- a/frontend/gateway/gateway.go +++ b/frontend/gateway/gateway.go @@ -38,6 +38,7 @@ import ( llberrdefs "github.com/moby/buildkit/solver/llbsolver/errdefs" opspb "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/apicaps" + "github.com/moby/buildkit/util/attestation" "github.com/moby/buildkit/util/bklog" "github.com/moby/buildkit/util/buildinfo" "github.com/moby/buildkit/util/grpcerrors" @@ -709,23 +710,15 @@ func (lbf *llbBridgeForwarder) Solve(ctx context.Context, req *pb.SolveRequest) attestations := map[string]*pb.Attestations{} for k, atts := range res.Attestations { for _, att := range atts { - switch att := att.(type) { - case *frontend.InTotoAttestation: - ref := att.PredicateRef - id := identity.NewID() - def := ref.Definition() - lbf.refs[id] = ref - - pbAtt, err := pb.ToInTotoPB(att.PredicateType, &pb.Ref{Id: id, Def: def}, att.PredicatePath, att.Subjects...) - if err != nil { - return nil, err - } - attestations[k].Attestation = append(attestations[k].Attestation, &pb.Attestations_Attestation{ - Attestation: pbAtt, - }) - default: - return nil, errors.Errorf("unknown attestation type %T", att) + pbAtt, err := pb.ToAttestationPB(att) + if err != nil { + return nil, err } + + if attestations[k] == nil { + attestations[k] = &pb.Attestations{} + } + attestations[k].Attestation = append(attestations[k].Attestation, pbAtt) } } pbRes.Attestations = attestations @@ -927,10 +920,10 @@ func (lbf *llbBridgeForwarder) Return(ctx context.Context, in *pb.ReturnRequest) } if in.Result.Attestations != nil { - r.Attestations = map[string][]frontend.Attestation{} + r.Attestations = map[string][]attestation.Attestation{} for k, pbAtts := range in.Result.Attestations { for _, pbAtt := range pbAtts.Attestation { - att, err := lbf.convertAttestation(pbAtt) + att, err := pb.FromAttestationPB(pbAtt) if err != nil { return nil, err } @@ -1447,29 +1440,6 @@ func (lbf *llbBridgeForwarder) cloneRef(id string) (solver.ResultProxy, error) { return s2, nil } -func (lbf *llbBridgeForwarder) convertAttestation(att *pb.Attestations_Attestation) (frontend.Attestation, error) { - switch att := att.Attestation.(type) { - case *pb.Attestations_Attestation_Intoto: - predicateType, predicateRef, predicatePath, subjects, err := pb.FromInTotoPB(att) - if err != nil { - return nil, err - } - - ref, err := lbf.cloneRef(predicateRef.Id) - if err != nil { - return nil, err - } - return &frontend.InTotoAttestation{ - PredicateType: predicateType, - PredicateRef: ref, - PredicatePath: predicatePath, - Subjects: subjects, - }, nil - default: - return nil, errors.Errorf("unknown attestation type %T", att) - } -} - func serve(ctx context.Context, grpcServer *grpc.Server, conn net.Conn) { go func() { <-ctx.Done() diff --git a/frontend/gateway/grpcclient/client.go b/frontend/gateway/grpcclient/client.go index 1f67875506b8..fad0a55e6b52 100644 --- a/frontend/gateway/grpcclient/client.go +++ b/frontend/gateway/grpcclient/client.go @@ -21,6 +21,7 @@ import ( "github.com/moby/buildkit/identity" opspb "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/apicaps" + "github.com/moby/buildkit/util/attestation" "github.com/moby/buildkit/util/bklog" "github.com/moby/buildkit/util/grpcerrors" "github.com/moby/sys/signal" @@ -95,26 +96,6 @@ func convertRef(ref client.Reference) (*pb.Ref, error) { return &pb.Ref{Id: r.id, Def: r.def}, nil } -func convertAttestation(att client.Attestation) (*pb.Attestations_Attestation, error) { - switch att := att.(type) { - case *client.InTotoAttestation: - pbRef, err := convertRef(att.PredicateRef) - if err != nil { - return nil, err - } - - attestation, err := pb.ToInTotoPB(att.PredicateType, pbRef, att.PredicatePath, att.Subjects...) - if err != nil { - return nil, err - } - return &pb.Attestations_Attestation{ - Attestation: attestation, - }, nil - default: - return nil, errors.Errorf("unknown attestation type %T", att) - } -} - func RunFromEnvironment(ctx context.Context, f client.BuildFunc) error { client, err := current() if err != nil { @@ -181,11 +162,11 @@ func (c *grpcClient) Run(ctx context.Context, f client.BuildFunc) (retError erro } } - if res.Attestations != nil { + if res.Attestations != nil && c.caps.Supports(pb.CapAttestations) == nil { attestations := map[string]*pb.Attestations{} for k, as := range res.Attestations { for _, a := range as { - pbAtt, err := convertAttestation(a) + pbAtt, err := pb.ToAttestationPB(a) if err != nil { retError = err continue @@ -484,14 +465,14 @@ func (c *grpcClient) Solve(ctx context.Context, creq client.SolveRequest) (res * } if resp.Result.Attestations != nil { - res.Attestations = map[string][]client.Attestation{} + res.Attestations = map[string][]attestation.Attestation{} for p, as := range resp.Result.Attestations { for _, a := range as.Attestation { - att, err := newAttestation(c, a) - res.AddAttestation(p, att) + att, err := pb.FromAttestationPB(a) if err != nil { return nil, err } + res.Attestations[p] = append(res.Attestations[p], att) } } } @@ -1121,29 +1102,6 @@ func (r *reference) StatFile(ctx context.Context, req client.StatRequest) (*fsty return resp.Stat, nil } -func newAttestation(c *grpcClient, att *pb.Attestations_Attestation) (client.Attestation, error) { - switch att := att.Attestation.(type) { - case *pb.Attestations_Attestation_Intoto: - predicateType, predicateRef, predicatePath, subjects, err := pb.FromInTotoPB(att) - if err != nil { - return nil, err - } - ref, err := newReference(c, predicateRef) - if err != nil { - return nil, err - } - - return &client.InTotoAttestation{ - PredicateType: predicateType, - PredicateRef: ref, - PredicatePath: predicatePath, - Subjects: subjects, - }, nil - default: - return nil, errors.Errorf("unknown attestation type %T", att) - } -} - func grpcClientConn(ctx context.Context) (context.Context, *grpc.ClientConn, error) { dialOpt := grpc.WithContextDialer(func(ctx context.Context, addr string) (net.Conn, error) { return stdioConn(), nil diff --git a/frontend/gateway/pb/attestation.go b/frontend/gateway/pb/attestation.go new file mode 100644 index 000000000000..7afe155ae017 --- /dev/null +++ b/frontend/gateway/pb/attestation.go @@ -0,0 +1,75 @@ +package moby_buildkit_v1_frontend //nolint:revive + +import ( + "github.com/moby/buildkit/util/attestation" + "github.com/pkg/errors" +) + +func ToAttestationPB(a attestation.Attestation) (*Attestations_Attestation, error) { + switch a := a.(type) { + case *attestation.InTotoAttestation: + subjects := []*InToto_Subject{} + for _, subject := range a.Subjects { + switch s := subject.(type) { + case *attestation.InTotoSubjectRaw: + subjects = append(subjects, &InToto_Subject{ + Subject: &InToto_Subject_Raw{ + Raw: &InToto_Subject_RawSubject{ + Name: s.Name, + Digest: s.Digest, + }, + }, + }) + case *attestation.InTotoSubjectSelf: + subjects = append(subjects, &InToto_Subject{ + Subject: &InToto_Subject_Self{ + Self: &InToto_Subject_SelfSubject{}, + }, + }) + default: + return nil, errors.Errorf("unknown in toto subject type %T", s) + } + } + + intoto := &InToto{ + PredicateType: a.PredicateType, + PredicatePath: a.PredicatePath, + PredicateRefKey: a.PredicateRefKey, + Subjects: subjects, + } + return &Attestations_Attestation{ + Attestation: &Attestations_Attestation_Intoto{intoto}, + }, nil + default: + return nil, errors.Errorf("unknown attestation type %T", a) + } +} + +func FromAttestationPB(a *Attestations_Attestation) (attestation.Attestation, error) { + switch a := a.Attestation.(type) { + case *Attestations_Attestation_Intoto: + subjects := []attestation.InTotoSubject{} + for _, pbSubject := range a.Intoto.Subjects { + switch pbSubject := pbSubject.Subject.(type) { + case *InToto_Subject_Raw: + subjects = append(subjects, &attestation.InTotoSubjectRaw{ + Name: pbSubject.Raw.Name, + Digest: pbSubject.Raw.Digest, + }) + case *InToto_Subject_Self: + subjects = append(subjects, &attestation.InTotoSubjectSelf{}) + default: + return nil, errors.Errorf("unknown in toto subject type %T", pbSubject) + } + } + + return &attestation.InTotoAttestation{ + PredicateType: a.Intoto.PredicateType, + PredicatePath: a.Intoto.PredicatePath, + PredicateRefKey: a.Intoto.PredicateRefKey, + Subjects: subjects, + }, nil + default: + return nil, errors.Errorf("unknown attestation type %T", a) + } +} diff --git a/frontend/gateway/pb/attestations.go b/frontend/gateway/pb/attestations.go deleted file mode 100644 index 82f82ae996d4..000000000000 --- a/frontend/gateway/pb/attestations.go +++ /dev/null @@ -1,60 +0,0 @@ -package moby_buildkit_v1_frontend //nolint:revive - -import ( - "github.com/moby/buildkit/util/attestation" - "github.com/pkg/errors" -) - -func ToInTotoPB(predicateType string, predicateRef *Ref, predicatePath string, subjects ...attestation.InTotoSubject) (*Attestations_Attestation_Intoto, error) { - pbSubjects := []*InToto_Subject{} - for _, subject := range subjects { - switch s := subject.(type) { - case *attestation.InTotoSubjectRaw: - pbSubjects = append(pbSubjects, &InToto_Subject{ - Subject: &InToto_Subject_Raw{ - Raw: &InToto_Subject_RawSubject{ - Name: s.Name, - Digest: s.Digest, - }, - }, - }) - case *attestation.InTotoSubjectSelf: - pbSubjects = append(pbSubjects, &InToto_Subject{ - Subject: &InToto_Subject_Self{ - Self: &InToto_Subject_SelfSubject{}, - }, - }) - default: - return nil, errors.Errorf("unknown in toto subject type %T", s) - } - } - - intoto := &InToto{ - PredicateType: predicateType, - PredicatePath: predicatePath, - PredicateRef: predicateRef, - Subjects: pbSubjects, - } - - return &Attestations_Attestation_Intoto{ - Intoto: intoto, - }, nil -} - -func FromInTotoPB(att *Attestations_Attestation_Intoto) (string, *Ref, string, []attestation.InTotoSubject, error) { - subjects := []attestation.InTotoSubject{} - for _, pbSubject := range att.Intoto.Subjects { - switch pbSubject := pbSubject.Subject.(type) { - case *InToto_Subject_Raw: - subjects = append(subjects, &attestation.InTotoSubjectRaw{ - Name: pbSubject.Raw.Name, - Digest: pbSubject.Raw.Digest, - }) - case *InToto_Subject_Self: - subjects = append(subjects, &attestation.InTotoSubjectSelf{}) - default: - return "", nil, "", nil, errors.Errorf("unknown in toto subject type %T", pbSubject) - } - } - return att.Intoto.PredicateType, att.Intoto.PredicateRef, att.Intoto.PredicatePath, subjects, nil -} diff --git a/frontend/gateway/pb/caps.go b/frontend/gateway/pb/caps.go index c4af39f3f0b9..912ab88d22c3 100644 --- a/frontend/gateway/pb/caps.go +++ b/frontend/gateway/pb/caps.go @@ -58,6 +58,10 @@ const ( // CapGatewayWarnings is the capability to log warnings from frontend CapGatewayWarnings apicaps.CapID = "gateway.warnings" + + // CapAttestations is the capability to indicate that attestation + // references will be attached to results + CapAttestations apicaps.CapID = "reference.attestations" ) func init() { @@ -200,4 +204,11 @@ func init() { Enabled: true, Status: apicaps.CapStatusExperimental, }) + + Caps.Init(apicaps.Cap{ + ID: CapAttestations, + Name: "reference attestations", + Enabled: true, + Status: apicaps.CapStatusExperimental, + }) } diff --git a/frontend/gateway/pb/gateway.pb.go b/frontend/gateway/pb/gateway.pb.go index a315e41fd6b5..15478e467721 100644 --- a/frontend/gateway/pb/gateway.pb.go +++ b/frontend/gateway/pb/gateway.pb.go @@ -436,7 +436,7 @@ func (*Attestations_Attestation) XXX_OneofWrappers() []interface{} { type InToto struct { PredicateType string `protobuf:"bytes,1,opt,name=predicateType,proto3" json:"predicateType,omitempty"` - PredicateRef *Ref `protobuf:"bytes,2,opt,name=predicateRef,proto3" json:"predicateRef,omitempty"` + PredicateRefKey string `protobuf:"bytes,2,opt,name=predicateRefKey,proto3" json:"predicateRefKey,omitempty"` PredicatePath string `protobuf:"bytes,3,opt,name=predicatePath,proto3" json:"predicatePath,omitempty"` Subjects []*InToto_Subject `protobuf:"bytes,4,rep,name=subjects,proto3" json:"subjects,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -484,11 +484,11 @@ func (m *InToto) GetPredicateType() string { return "" } -func (m *InToto) GetPredicateRef() *Ref { +func (m *InToto) GetPredicateRefKey() string { if m != nil { - return m.PredicateRef + return m.PredicateRefKey } - return nil + return "" } func (m *InToto) GetPredicatePath() string { @@ -2647,152 +2647,153 @@ func init() { func init() { proto.RegisterFile("gateway.proto", fileDescriptor_f1a937782ebbded5) } var fileDescriptor_f1a937782ebbded5 = []byte{ - // 2318 bytes of a gzipped FileDescriptorProto + // 2321 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x59, 0xcd, 0x6f, 0x1b, 0xc7, - 0x15, 0xd7, 0x8a, 0x14, 0x3f, 0x1e, 0x3f, 0xac, 0x4c, 0xd2, 0x94, 0x59, 0x04, 0x8e, 0xb2, 0x75, - 0x1d, 0xd9, 0x71, 0x96, 0xa9, 0x6c, 0x43, 0xae, 0xdd, 0x26, 0x35, 0xf5, 0x01, 0x31, 0x96, 0x6c, - 0x75, 0xe4, 0xc0, 0x68, 0x90, 0x02, 0x5d, 0x71, 0x87, 0xf4, 0xd6, 0xab, 0x9d, 0xed, 0xec, 0xd0, - 0xb2, 0x92, 0x4b, 0x7b, 0xed, 0xa9, 0xa7, 0x5e, 0x0b, 0xf4, 0xd4, 0x63, 0x4f, 0x3d, 0x16, 0x3d, - 0x06, 0xe8, 0xa5, 0x97, 0x02, 0x45, 0x0f, 0x41, 0xe1, 0x3f, 0xa2, 0x40, 0x6f, 0xc5, 0x9b, 0x9d, - 0x25, 0x87, 0x14, 0xbd, 0xa4, 0xe0, 0x93, 0x66, 0xde, 0xbe, 0xf7, 0x9b, 0x79, 0xdf, 0x6f, 0x28, - 0x68, 0x0c, 0x3c, 0xc9, 0x4e, 0xbd, 0x33, 0x37, 0x16, 0x5c, 0x72, 0xf2, 0xce, 0x09, 0x3f, 0x3e, - 0x73, 0x8f, 0x87, 0x41, 0xe8, 0x3f, 0x0b, 0xa4, 0xfb, 0xfc, 0x07, 0x6e, 0x5f, 0xf0, 0x48, 0xb2, - 0xc8, 0xb7, 0x3f, 0x1a, 0x04, 0xf2, 0xe9, 0xf0, 0xd8, 0xed, 0xf1, 0x93, 0xf6, 0x80, 0x0f, 0x78, - 0x5b, 0x49, 0x1c, 0x0f, 0xfb, 0x6a, 0xa7, 0x36, 0x6a, 0x95, 0x22, 0xd9, 0x1b, 0xd3, 0xec, 0x03, - 0xce, 0x07, 0x21, 0xf3, 0xe2, 0x20, 0xd1, 0xcb, 0xb6, 0x88, 0x7b, 0xed, 0x44, 0x7a, 0x72, 0x98, - 0x68, 0x99, 0x1b, 0x86, 0x0c, 0x5e, 0xa4, 0x9d, 0x5d, 0xa4, 0x9d, 0xf0, 0xf0, 0x39, 0x13, 0xed, - 0xf8, 0xb8, 0xcd, 0xe3, 0x8c, 0xbb, 0xfd, 0x4a, 0x6e, 0x2f, 0x0e, 0xda, 0xf2, 0x2c, 0x66, 0x49, - 0xfb, 0x94, 0x8b, 0x67, 0x4c, 0x68, 0x81, 0x9b, 0xaf, 0x14, 0x18, 0xca, 0x20, 0x44, 0xa9, 0x9e, - 0x17, 0x27, 0x78, 0x08, 0xfe, 0xd5, 0x42, 0xa6, 0xda, 0x92, 0x47, 0x41, 0x22, 0x83, 0x60, 0x10, - 0xb4, 0xfb, 0x89, 0x92, 0x49, 0x4f, 0x41, 0x25, 0x52, 0x76, 0xe7, 0xef, 0x45, 0x28, 0x51, 0x96, - 0x0c, 0x43, 0x49, 0xae, 0x42, 0x43, 0xb0, 0xfe, 0x36, 0x8b, 0x05, 0xeb, 0x79, 0x92, 0xf9, 0x2d, - 0x6b, 0xcd, 0x5a, 0xaf, 0xee, 0x2d, 0xd1, 0x49, 0x32, 0xf9, 0x1c, 0x9a, 0x82, 0xf5, 0x13, 0x83, - 0x71, 0x79, 0xcd, 0x5a, 0xaf, 0x6d, 0x7c, 0xe8, 0xbe, 0xd2, 0x19, 0x2e, 0x65, 0xfd, 0x03, 0x2f, - 0x1e, 0x8b, 0xec, 0x2d, 0xd1, 0x29, 0x10, 0xb2, 0x01, 0x05, 0xc1, 0xfa, 0xad, 0x82, 0xc2, 0xba, - 0x9c, 0x8f, 0xb5, 0xb7, 0x44, 0x91, 0x99, 0x6c, 0x42, 0x11, 0x51, 0x5a, 0x45, 0x25, 0xf4, 0xfe, - 0xdc, 0x0b, 0xec, 0x2d, 0x51, 0x25, 0x40, 0x1e, 0x40, 0xe5, 0x84, 0x49, 0xcf, 0xf7, 0xa4, 0xd7, - 0x82, 0xb5, 0xc2, 0x7a, 0x6d, 0xa3, 0x9d, 0x2b, 0x8c, 0x06, 0x72, 0x0f, 0xb4, 0xc4, 0x4e, 0x24, - 0xc5, 0x19, 0x1d, 0x01, 0x90, 0x27, 0x50, 0xf7, 0xa4, 0x64, 0x68, 0xd5, 0x80, 0x47, 0x49, 0xab, - 0xa6, 0x00, 0x6f, 0xce, 0x07, 0xbc, 0x6f, 0x48, 0xa5, 0xa0, 0x13, 0x40, 0xf6, 0x3d, 0x68, 0x4c, - 0x9c, 0x49, 0x56, 0xa1, 0xf0, 0x8c, 0x9d, 0xa5, 0x8e, 0xa1, 0xb8, 0x24, 0x6f, 0xc1, 0xca, 0x73, - 0x2f, 0x1c, 0x32, 0xe5, 0x83, 0x3a, 0x4d, 0x37, 0x77, 0x97, 0xef, 0x58, 0xf6, 0x53, 0x78, 0xe3, - 0x1c, 0xfe, 0x0c, 0x80, 0x1f, 0x9b, 0x00, 0xb5, 0x8d, 0x0f, 0x72, 0x6e, 0x6d, 0xc2, 0x19, 0x27, - 0x75, 0x2a, 0x50, 0x12, 0x4a, 0x21, 0xe7, 0xf7, 0x16, 0xac, 0x4e, 0xbb, 0x9a, 0x74, 0xb5, 0x93, - 0x2c, 0x65, 0x96, 0xdb, 0x17, 0x88, 0x12, 0x24, 0x68, 0xc3, 0x28, 0x08, 0x7b, 0x13, 0xaa, 0x23, - 0xd2, 0x3c, 0x63, 0x54, 0x8d, 0x2b, 0x3a, 0x9b, 0x50, 0xa0, 0xac, 0x4f, 0x9a, 0xb0, 0x1c, 0xe8, - 0xb8, 0xa6, 0xcb, 0x81, 0x4f, 0xd6, 0xa0, 0xe0, 0xb3, 0xbe, 0x56, 0xbd, 0xe9, 0xc6, 0xc7, 0xee, - 0x36, 0xeb, 0x07, 0x51, 0x80, 0x2a, 0x52, 0xfc, 0xe4, 0xfc, 0xd1, 0xc2, 0xfc, 0xc0, 0x6b, 0x91, - 0x4f, 0x27, 0xf4, 0x98, 0x1f, 0xed, 0xe7, 0x6e, 0xff, 0x24, 0xff, 0xf6, 0xb7, 0x26, 0x3d, 0x31, - 0x27, 0x05, 0x4c, 0xed, 0xfe, 0x66, 0x41, 0xdd, 0x74, 0x0e, 0xf9, 0x1c, 0x6a, 0x46, 0x20, 0xe9, - 0x1b, 0xdf, 0x5c, 0xd0, 0xb5, 0xe6, 0x86, 0x9a, 0x38, 0xf6, 0xcf, 0xa0, 0x66, 0x7c, 0x23, 0xf7, - 0xa0, 0x14, 0x44, 0x92, 0x4b, 0xae, 0xb4, 0xc8, 0xcf, 0xbf, 0x6e, 0xf4, 0x98, 0x4b, 0xbe, 0xb7, - 0x44, 0xb5, 0x48, 0xa7, 0x31, 0x81, 0xe5, 0xfc, 0xb6, 0x08, 0xa5, 0x94, 0x87, 0x5c, 0x81, 0x46, - 0x2c, 0x98, 0x1f, 0x60, 0x08, 0x3c, 0x3e, 0x8b, 0x99, 0xb6, 0xd1, 0x24, 0x91, 0x74, 0xa0, 0x3e, - 0x22, 0xd0, 0x91, 0x0f, 0xe7, 0x19, 0x6d, 0x42, 0x66, 0xe2, 0xa4, 0x43, 0x4f, 0x3e, 0x55, 0xc5, - 0xc7, 0x3c, 0x09, 0x89, 0x64, 0x07, 0x2a, 0xc9, 0xf0, 0xf8, 0x97, 0xac, 0x27, 0xb1, 0xd0, 0xa0, - 0x25, 0xaf, 0xcd, 0x55, 0xd4, 0x3d, 0x4a, 0x25, 0xe8, 0x48, 0xd4, 0xfe, 0xd3, 0x32, 0x94, 0x35, - 0x95, 0x3c, 0x80, 0x62, 0xc2, 0xc2, 0xbe, 0xb6, 0xdb, 0xed, 0x85, 0xe1, 0xdc, 0x23, 0x16, 0xf6, - 0xf5, 0x1a, 0x6b, 0x19, 0x82, 0x90, 0x3d, 0x28, 0x08, 0xef, 0x54, 0x1b, 0xe0, 0xd6, 0xe2, 0x58, - 0xd4, 0x3b, 0x1d, 0x43, 0x21, 0x84, 0xdd, 0x80, 0x9a, 0x71, 0x80, 0x1d, 0x02, 0x8c, 0x79, 0xc8, - 0x67, 0x50, 0xda, 0x0e, 0x06, 0x2c, 0x91, 0x2a, 0x9c, 0xaa, 0x9d, 0x8d, 0x6f, 0xbe, 0x7d, 0x6f, - 0xe9, 0xdf, 0xdf, 0xbe, 0x77, 0xdd, 0x68, 0x38, 0x3c, 0x66, 0x51, 0x8f, 0x47, 0xd2, 0x0b, 0x22, - 0x26, 0xb0, 0x6f, 0x7e, 0xe4, 0x2b, 0x11, 0x37, 0x95, 0xa4, 0x1a, 0x81, 0x10, 0x28, 0x46, 0xde, - 0x49, 0x96, 0xa7, 0x6a, 0xdd, 0xa9, 0x8e, 0xcc, 0xe3, 0x48, 0x68, 0x50, 0x26, 0x87, 0x22, 0xa2, - 0xec, 0x57, 0x43, 0xe4, 0xff, 0x61, 0x56, 0x61, 0x16, 0x88, 0xb4, 0xb4, 0xb6, 0x52, 0x2d, 0x40, - 0xd6, 0x61, 0x85, 0x09, 0xc1, 0x85, 0xb6, 0x0f, 0x71, 0xd3, 0x66, 0xee, 0x8a, 0xb8, 0xe7, 0x1e, - 0xa9, 0x66, 0x4e, 0x53, 0x06, 0x67, 0x15, 0x9a, 0xd9, 0xa9, 0x49, 0xcc, 0xa3, 0x84, 0x39, 0x97, - 0xa0, 0xd1, 0x8d, 0xe2, 0xa1, 0x4c, 0xf4, 0x3d, 0x9c, 0xbf, 0x5a, 0xd0, 0xcc, 0x28, 0x29, 0x0f, - 0xf9, 0x12, 0x6a, 0xe3, 0x9a, 0x91, 0x15, 0x87, 0xbb, 0xb9, 0x5e, 0x30, 0xe5, 0x8d, 0x82, 0xa3, - 0x6b, 0x85, 0x09, 0x67, 0x3f, 0x84, 0xd5, 0x69, 0x86, 0x19, 0x95, 0xe3, 0xca, 0x64, 0xe5, 0x98, - 0x2e, 0x64, 0x46, 0xa5, 0xf8, 0xa7, 0x05, 0xef, 0x50, 0xa6, 0xa6, 0x93, 0xee, 0x89, 0x37, 0x60, - 0x5b, 0x3c, 0xea, 0x07, 0x83, 0xcc, 0xcc, 0xab, 0xaa, 0x4a, 0x66, 0xc8, 0x98, 0x21, 0xeb, 0x50, - 0x39, 0x0c, 0x3d, 0xd9, 0xe7, 0xe2, 0x44, 0x83, 0xd7, 0x11, 0x3c, 0xa3, 0xd1, 0xd1, 0x57, 0xb2, - 0x06, 0x35, 0x0d, 0x7c, 0xc0, 0x7d, 0xa6, 0x33, 0xc9, 0x24, 0x91, 0x16, 0x94, 0xf7, 0xf9, 0xe0, - 0x21, 0xfa, 0xbd, 0xa8, 0xbe, 0x66, 0x5b, 0xe2, 0x40, 0x5d, 0x33, 0x0a, 0x95, 0xf0, 0x2b, 0x6b, - 0xd6, 0xfa, 0x0a, 0x9d, 0xa0, 0x91, 0x77, 0xa1, 0x7a, 0xc4, 0x92, 0x24, 0xe0, 0x51, 0x77, 0xbb, - 0x55, 0x52, 0xf2, 0x63, 0x82, 0xf3, 0x6b, 0x0b, 0xec, 0x59, 0x7a, 0x69, 0x27, 0x99, 0xb1, 0x6b, - 0xbd, 0x66, 0xec, 0xbe, 0x0d, 0xa5, 0x14, 0x5d, 0xb7, 0x5c, 0xbd, 0x73, 0xfe, 0xb2, 0x02, 0xf5, - 0x23, 0xbc, 0x40, 0x66, 0x4d, 0x17, 0x60, 0xec, 0x04, 0x1d, 0xb8, 0xd3, 0xae, 0x31, 0x38, 0x88, - 0x0d, 0x95, 0x5d, 0x1d, 0x24, 0x3a, 0x31, 0x46, 0x7b, 0xf2, 0x05, 0xd4, 0xb2, 0xf5, 0xa3, 0x58, - 0xb6, 0x0a, 0x2a, 0xca, 0xee, 0xe4, 0x44, 0x99, 0x79, 0x13, 0xd7, 0x10, 0xd5, 0x31, 0x66, 0x50, - 0xc8, 0x0d, 0x78, 0xc3, 0x0b, 0x43, 0x7e, 0xaa, 0x13, 0x47, 0xa5, 0x80, 0x72, 0x41, 0x85, 0x9e, - 0xff, 0x40, 0x3e, 0x86, 0x37, 0x0d, 0xe2, 0x7d, 0x21, 0xbc, 0x33, 0x8c, 0x99, 0x92, 0xe2, 0x9f, - 0xf5, 0x09, 0xbb, 0xf2, 0x6e, 0x10, 0x79, 0x61, 0x0b, 0x14, 0x4f, 0xba, 0x41, 0x9f, 0xef, 0xbc, - 0x88, 0xb9, 0x90, 0x4c, 0xdc, 0x97, 0x52, 0xb4, 0x6a, 0xca, 0x98, 0x13, 0x34, 0x72, 0x08, 0xf5, - 0x2d, 0xaf, 0xf7, 0x94, 0x75, 0x4f, 0x90, 0x98, 0xb4, 0xea, 0x4a, 0xed, 0x1b, 0x39, 0x6a, 0x2b, - 0xf6, 0x47, 0xb1, 0x39, 0x51, 0x99, 0x08, 0xa4, 0x07, 0xcd, 0x4c, 0xf5, 0x34, 0x0f, 0x5b, 0x0d, - 0x85, 0x79, 0xef, 0xa2, 0xa6, 0x4c, 0xa5, 0xd3, 0x23, 0xa6, 0x20, 0xd1, 0x91, 0x3b, 0x98, 0x72, - 0x9e, 0x64, 0xad, 0xa6, 0xd2, 0x79, 0xb4, 0xb7, 0x3f, 0x81, 0xd5, 0x69, 0x6f, 0x5c, 0x64, 0x90, - 0xb1, 0x7f, 0x0a, 0x6f, 0xce, 0xb8, 0xc2, 0x6b, 0xd5, 0x84, 0x3f, 0x5b, 0xf0, 0xc6, 0x39, 0xbb, - 0x61, 0x89, 0x36, 0x9a, 0xaf, 0x5a, 0x93, 0x03, 0x58, 0x41, 0xbf, 0x24, 0xad, 0x65, 0x65, 0xb4, - 0xcd, 0x8b, 0x38, 0xc2, 0x55, 0x92, 0xa9, 0xc1, 0x52, 0x14, 0xfb, 0x0e, 0xc0, 0x98, 0x78, 0xa1, - 0x71, 0xee, 0x4b, 0x68, 0x68, 0xaf, 0xe8, 0x04, 0x5f, 0x4d, 0x1f, 0x0f, 0x5a, 0x18, 0x9f, 0x06, - 0xe3, 0x96, 0x51, 0xb8, 0x60, 0xcb, 0x70, 0xbe, 0x86, 0x4b, 0x94, 0x79, 0xfe, 0x6e, 0x10, 0xb2, - 0x57, 0x57, 0x46, 0xcc, 0xd6, 0x20, 0x4c, 0xc7, 0x86, 0x2c, 0x5b, 0xf5, 0x9e, 0xdc, 0x85, 0x15, - 0xea, 0x45, 0x03, 0xa6, 0x8f, 0xbe, 0x92, 0x73, 0xb4, 0x3a, 0x04, 0x79, 0x69, 0x2a, 0xe2, 0xdc, - 0x83, 0xea, 0x88, 0x86, 0xb5, 0xe6, 0x51, 0xbf, 0x9f, 0xb0, 0xb4, 0x6e, 0x15, 0xa8, 0xde, 0x21, - 0x7d, 0x9f, 0x45, 0x03, 0x7d, 0x74, 0x81, 0xea, 0x9d, 0x73, 0x15, 0xc7, 0xef, 0xec, 0xe6, 0xda, - 0x34, 0x04, 0x8a, 0xdb, 0xf8, 0xcc, 0xb1, 0x54, 0x82, 0xa9, 0xb5, 0xe3, 0x63, 0xab, 0xf3, 0xfc, - 0xed, 0x40, 0xbc, 0x5a, 0xc1, 0x16, 0x94, 0xb7, 0x03, 0x61, 0xe8, 0x97, 0x6d, 0xc9, 0x55, 0x6c, - 0x82, 0xbd, 0x70, 0xe8, 0xa3, 0xb6, 0x92, 0x89, 0x48, 0x57, 0xfb, 0x29, 0xaa, 0xf3, 0x69, 0x6a, - 0x47, 0x75, 0x8a, 0xbe, 0xcc, 0x0d, 0x28, 0xb3, 0x48, 0x8a, 0x80, 0x65, 0x9d, 0x92, 0xb8, 0xe9, - 0xcb, 0xd4, 0x55, 0x2f, 0x53, 0xd5, 0x91, 0x69, 0xc6, 0xe2, 0x6c, 0xc2, 0x25, 0x24, 0xe4, 0x3b, - 0x82, 0x40, 0xd1, 0xb8, 0xa4, 0x5a, 0x3b, 0x77, 0x61, 0x75, 0x2c, 0xa8, 0x8f, 0xbe, 0x0a, 0x45, - 0x1c, 0x36, 0x75, 0x21, 0x9e, 0x75, 0xae, 0xfa, 0xee, 0x34, 0xa0, 0x76, 0x18, 0x44, 0x59, 0x4f, - 0x74, 0x5e, 0x5a, 0x50, 0x3f, 0xe4, 0xd1, 0xb8, 0x97, 0x1c, 0xc2, 0xa5, 0x2c, 0x03, 0xef, 0x1f, - 0x76, 0xb7, 0xbc, 0x38, 0x53, 0x65, 0xed, 0xbc, 0x9b, 0xf5, 0x13, 0xdd, 0x4d, 0x19, 0x3b, 0x45, - 0x6c, 0x3b, 0x74, 0x5a, 0x9c, 0xfc, 0x04, 0xca, 0xfb, 0xfb, 0x1d, 0x85, 0xb4, 0x7c, 0x21, 0xa4, - 0x4c, 0x8c, 0x7c, 0x02, 0xe5, 0x27, 0xea, 0x97, 0x83, 0x44, 0xb7, 0x86, 0x19, 0x21, 0x97, 0x2a, - 0x9a, 0xb2, 0x51, 0xd6, 0xe3, 0xc2, 0xa7, 0x99, 0x90, 0xf3, 0x5f, 0x0b, 0x6a, 0x4f, 0xbc, 0xf1, - 0xbc, 0xf5, 0x19, 0x94, 0xfc, 0xd7, 0xee, 0x97, 0xe9, 0x16, 0xb3, 0x38, 0x64, 0xcf, 0x59, 0xa8, - 0x43, 0x35, 0xdd, 0x20, 0x35, 0x79, 0xca, 0x45, 0x9a, 0x9d, 0x75, 0x9a, 0x6e, 0x30, 0xae, 0x7d, - 0x26, 0xbd, 0x20, 0x54, 0x83, 0x76, 0x9d, 0xea, 0x1d, 0x7a, 0x7d, 0x28, 0x42, 0xd5, 0x94, 0xaa, - 0x14, 0x97, 0xc4, 0x81, 0x62, 0x10, 0xf5, 0xb9, 0xea, 0x3b, 0xba, 0xba, 0x1d, 0xf1, 0xa1, 0xe8, - 0xb1, 0x6e, 0xd4, 0xe7, 0x54, 0x7d, 0x23, 0xef, 0x43, 0x49, 0x60, 0x1a, 0x25, 0xad, 0xb2, 0x32, - 0x4a, 0x15, 0xb9, 0xd2, 0x64, 0xd3, 0x1f, 0x9c, 0x26, 0xd4, 0x53, 0xbd, 0xf5, 0xc4, 0xf7, 0xbb, - 0x65, 0x78, 0xf3, 0x21, 0x3b, 0xdd, 0xca, 0xf4, 0xca, 0x0c, 0xb2, 0x06, 0xb5, 0x11, 0xad, 0xbb, - 0xad, 0xc3, 0xcf, 0x24, 0xe1, 0x61, 0x07, 0x7c, 0x18, 0xc9, 0xcc, 0x87, 0xea, 0x30, 0x45, 0xa1, - 0xfa, 0x03, 0xf9, 0x3e, 0x94, 0x1f, 0x32, 0x79, 0xca, 0xc5, 0x33, 0xa5, 0x75, 0x73, 0xa3, 0x86, - 0x3c, 0x0f, 0x99, 0xc4, 0xf1, 0x88, 0x66, 0xdf, 0x70, 0xe6, 0x8a, 0xb3, 0x99, 0xab, 0x38, 0x6b, - 0xe6, 0xca, 0xbe, 0x92, 0x4d, 0xa8, 0xf5, 0x78, 0x94, 0x48, 0xe1, 0x05, 0x78, 0xf0, 0x8a, 0x62, - 0xfe, 0x0e, 0x32, 0xa7, 0x8e, 0xdd, 0x1a, 0x7f, 0xa4, 0x26, 0x27, 0xb9, 0x0e, 0xc0, 0x5e, 0x48, - 0xe1, 0xed, 0xf1, 0x44, 0x26, 0xad, 0x92, 0xba, 0x30, 0xa0, 0x1c, 0x12, 0xba, 0x87, 0xd4, 0xf8, - 0xea, 0xbc, 0x0d, 0x6f, 0x4d, 0x5a, 0x44, 0x9b, 0xea, 0x1e, 0x7c, 0x97, 0xb2, 0x90, 0x79, 0x09, - 0xbb, 0xb8, 0xb5, 0x1c, 0x1b, 0x5a, 0xe7, 0x85, 0x35, 0xf0, 0xff, 0x0a, 0x50, 0xdb, 0x79, 0xc1, - 0x7a, 0x07, 0x2c, 0x49, 0xbc, 0x81, 0x9a, 0xfc, 0x0e, 0x05, 0xef, 0xb1, 0x24, 0x19, 0x61, 0x8d, - 0x09, 0xe4, 0x47, 0x50, 0xec, 0x46, 0x81, 0xd4, 0x6d, 0xee, 0x6a, 0xee, 0xe0, 0x1d, 0x48, 0x8d, - 0x89, 0x6f, 0x27, 0xdc, 0x92, 0xbb, 0x50, 0xc4, 0x22, 0xb1, 0x48, 0xa1, 0xf6, 0x0d, 0x59, 0x94, - 0x21, 0x1d, 0xf5, 0xcb, 0x59, 0xf0, 0x15, 0xd3, 0x5e, 0x5a, 0xcf, 0xef, 0x30, 0xc1, 0x57, 0x6c, - 0x8c, 0xa0, 0x25, 0xc9, 0x0e, 0x94, 0x8f, 0xa4, 0x27, 0x24, 0xf3, 0xb5, 0xf7, 0xf2, 0x9e, 0x96, - 0x9a, 0x73, 0x8c, 0x92, 0xc9, 0xa2, 0x11, 0x76, 0x5e, 0x04, 0x52, 0x67, 0x43, 0x9e, 0x11, 0x90, - 0xcd, 0x50, 0x04, 0xb7, 0x28, 0xbd, 0xcd, 0x23, 0xd6, 0x2a, 0xcf, 0x95, 0x46, 0x36, 0x43, 0x1a, - 0xb7, 0x68, 0x86, 0xa3, 0x60, 0x80, 0xf3, 0x5d, 0x65, 0xae, 0x19, 0x52, 0x46, 0xc3, 0x0c, 0x29, - 0xa1, 0x53, 0x86, 0x15, 0x35, 0xcd, 0x38, 0x7f, 0xb0, 0xa0, 0x66, 0xf8, 0x69, 0x81, 0xbc, 0x7b, - 0x17, 0x8a, 0x07, 0x4c, 0x7a, 0xda, 0xff, 0x15, 0x95, 0x75, 0x4c, 0x7a, 0x54, 0x51, 0xb1, 0x70, - 0xec, 0xfa, 0x69, 0x51, 0x6c, 0x50, 0x5c, 0x22, 0xe5, 0xb1, 0x3c, 0x53, 0x2e, 0xab, 0x50, 0x5c, - 0x92, 0x1b, 0x50, 0x39, 0x62, 0xbd, 0xa1, 0x08, 0xe4, 0x99, 0x72, 0x42, 0x73, 0x63, 0x55, 0x95, - 0x13, 0x4d, 0x53, 0xc9, 0x39, 0xe2, 0x70, 0x1e, 0x60, 0x70, 0x8e, 0x2f, 0x48, 0xa0, 0xb8, 0x85, - 0xef, 0x1d, 0xbc, 0x59, 0x83, 0xaa, 0x35, 0x3e, 0x39, 0x77, 0xe6, 0x3d, 0x39, 0x77, 0xb2, 0x27, - 0xe7, 0xa4, 0x53, 0xb1, 0xfb, 0x18, 0x46, 0x76, 0xee, 0x43, 0x75, 0x14, 0x78, 0xa4, 0x09, 0xcb, - 0xbb, 0xbe, 0x3e, 0x69, 0x79, 0xd7, 0x47, 0x55, 0x76, 0x1e, 0xed, 0xaa, 0x53, 0x2a, 0x14, 0x97, - 0xa3, 0x5e, 0x5f, 0x30, 0x7a, 0xfd, 0x26, 0x3e, 0xa6, 0x8d, 0xe8, 0x43, 0x26, 0xca, 0x4f, 0x93, - 0xec, 0xca, 0xb8, 0x4e, 0xd5, 0x08, 0x13, 0x85, 0xa5, 0xd4, 0x08, 0x13, 0xe7, 0x7b, 0xd0, 0x98, - 0xf0, 0x17, 0x32, 0xa9, 0xd7, 0x9b, 0x1e, 0x09, 0x71, 0xbd, 0xf1, 0xaf, 0x2a, 0x54, 0xf7, 0xf7, - 0x3b, 0x1d, 0x11, 0xf8, 0x03, 0x46, 0x7e, 0x63, 0x01, 0x39, 0xff, 0x0c, 0x23, 0xb7, 0xf2, 0x33, - 0x63, 0xf6, 0x6b, 0xd4, 0xbe, 0x7d, 0x41, 0x29, 0xdd, 0x9f, 0xbf, 0x80, 0x15, 0x35, 0x1b, 0x92, - 0x0f, 0x16, 0x9c, 0xe9, 0xed, 0xf5, 0xf9, 0x8c, 0x1a, 0xbb, 0x07, 0x95, 0x6c, 0xbe, 0x22, 0xd7, - 0x73, 0xaf, 0x37, 0x31, 0x3e, 0xda, 0x1f, 0x2e, 0xc4, 0xab, 0x0f, 0xf9, 0x05, 0x94, 0xf5, 0xd8, - 0x44, 0xae, 0xcd, 0x91, 0x1b, 0x0f, 0x70, 0xf6, 0xf5, 0x45, 0x58, 0xc7, 0x6a, 0x64, 0xe3, 0x51, - 0xae, 0x1a, 0x53, 0xc3, 0x57, 0xae, 0x1a, 0xe7, 0xe6, 0xad, 0x27, 0x50, 0xc4, 0x39, 0x8a, 0xe4, - 0xd5, 0x13, 0x63, 0xd0, 0xb2, 0xf3, 0xdc, 0x35, 0x31, 0x80, 0xfd, 0x1c, 0xeb, 0xae, 0x7a, 0x8b, - 0xe6, 0x57, 0x5c, 0xe3, 0x07, 0x24, 0xfb, 0xda, 0x02, 0x9c, 0x63, 0x78, 0xfd, 0x8e, 0x5b, 0x5f, - 0xe0, 0x57, 0x9c, 0xf9, 0xf0, 0x53, 0xbf, 0x17, 0x71, 0xa8, 0x9b, 0xed, 0x94, 0xb8, 0x39, 0xa2, - 0x33, 0x26, 0x11, 0xbb, 0xbd, 0x30, 0xbf, 0x3e, 0xf0, 0x6b, 0x7c, 0x13, 0x4c, 0xb6, 0x5a, 0xb2, - 0x91, 0x6b, 0x8e, 0x99, 0x4d, 0xdd, 0xbe, 0x79, 0x21, 0x19, 0x7d, 0xb8, 0x97, 0xb6, 0x72, 0xdd, - 0xae, 0x49, 0x7e, 0x67, 0x1a, 0xb5, 0x7c, 0x7b, 0x41, 0xbe, 0x75, 0xeb, 0x63, 0x0b, 0xe3, 0x0c, - 0x47, 0xb8, 0x5c, 0x6c, 0x63, 0xb6, 0xcd, 0x8d, 0x33, 0x73, 0x16, 0xec, 0xd4, 0xbf, 0x79, 0x79, - 0xd9, 0xfa, 0xc7, 0xcb, 0xcb, 0xd6, 0x7f, 0x5e, 0x5e, 0xb6, 0x8e, 0x4b, 0xea, 0xff, 0x65, 0x37, - 0xff, 0x1f, 0x00, 0x00, 0xff, 0xff, 0x4c, 0x5f, 0xee, 0x6d, 0x81, 0x1c, 0x00, 0x00, + 0x15, 0xd7, 0x8a, 0x14, 0x3f, 0x1e, 0x49, 0x59, 0x99, 0xa4, 0x29, 0xb3, 0x08, 0x1c, 0x65, 0xeb, + 0x3a, 0xb4, 0xe3, 0x2c, 0x53, 0xd9, 0x86, 0x5c, 0xbb, 0x4d, 0x6a, 0xea, 0x03, 0x62, 0x2c, 0xd9, + 0xea, 0xc8, 0x81, 0xd1, 0x20, 0x05, 0xba, 0xe2, 0x0e, 0xe9, 0xad, 0x57, 0x3b, 0xdb, 0xd9, 0xa1, + 0x65, 0x25, 0x97, 0xf6, 0x3f, 0xe8, 0xa9, 0xd7, 0x02, 0x3d, 0xf5, 0xd8, 0x53, 0x8f, 0x45, 0x8f, + 0x01, 0x7a, 0xe9, 0xa5, 0x40, 0xd1, 0x43, 0x50, 0xf8, 0x2f, 0xe8, 0xa9, 0x40, 0x6f, 0xc5, 0x9b, + 0x9d, 0x25, 0x87, 0x14, 0xbd, 0xa4, 0xe0, 0x93, 0x66, 0xde, 0xbe, 0xf7, 0x9b, 0x79, 0xdf, 0x6f, + 0x28, 0x68, 0x0c, 0x3c, 0xc9, 0x4e, 0xbd, 0x33, 0x37, 0x16, 0x5c, 0x72, 0xf2, 0xce, 0x09, 0x3f, + 0x3e, 0x73, 0x8f, 0x87, 0x41, 0xe8, 0x3f, 0x0b, 0xa4, 0xfb, 0xfc, 0x07, 0x6e, 0x5f, 0xf0, 0x48, + 0xb2, 0xc8, 0xb7, 0x3f, 0x1a, 0x04, 0xf2, 0xe9, 0xf0, 0xd8, 0xed, 0xf1, 0x93, 0xf6, 0x80, 0x0f, + 0x78, 0x5b, 0x49, 0x1c, 0x0f, 0xfb, 0x6a, 0xa7, 0x36, 0x6a, 0x95, 0x22, 0xd9, 0x1b, 0xd3, 0xec, + 0x03, 0xce, 0x07, 0x21, 0xf3, 0xe2, 0x20, 0xd1, 0xcb, 0xb6, 0x88, 0x7b, 0xed, 0x44, 0x7a, 0x72, + 0x98, 0x68, 0x99, 0x1b, 0x86, 0x0c, 0x5e, 0xa4, 0x9d, 0x5d, 0xa4, 0x9d, 0xf0, 0xf0, 0x39, 0x13, + 0xed, 0xf8, 0xb8, 0xcd, 0xe3, 0x8c, 0xbb, 0xfd, 0x4a, 0x6e, 0x2f, 0x0e, 0xda, 0xf2, 0x2c, 0x66, + 0x49, 0xfb, 0x94, 0x8b, 0x67, 0x4c, 0x68, 0x81, 0x9b, 0xaf, 0x14, 0x18, 0xca, 0x20, 0x44, 0xa9, + 0x9e, 0x17, 0x27, 0x78, 0x08, 0xfe, 0xd5, 0x42, 0xa6, 0xda, 0x92, 0x47, 0x41, 0x22, 0x83, 0x60, + 0x10, 0xb4, 0xfb, 0x89, 0x92, 0x49, 0x4f, 0x41, 0x25, 0x52, 0x76, 0xe7, 0x6f, 0x45, 0x28, 0x51, + 0x96, 0x0c, 0x43, 0x49, 0xae, 0x42, 0x43, 0xb0, 0xfe, 0x36, 0x8b, 0x05, 0xeb, 0x79, 0x92, 0xf9, + 0x4d, 0x6b, 0xdd, 0x6a, 0x55, 0xf7, 0x96, 0xe8, 0x24, 0x99, 0x7c, 0x0e, 0xab, 0x82, 0xf5, 0x13, + 0x83, 0x71, 0x79, 0xdd, 0x6a, 0xd5, 0x36, 0x3e, 0x74, 0x5f, 0xe9, 0x0c, 0x97, 0xb2, 0xfe, 0x81, + 0x17, 0x8f, 0x45, 0xf6, 0x96, 0xe8, 0x14, 0x08, 0xd9, 0x80, 0x82, 0x60, 0xfd, 0x66, 0x41, 0x61, + 0x5d, 0xce, 0xc7, 0xda, 0x5b, 0xa2, 0xc8, 0x4c, 0x36, 0xa1, 0x88, 0x28, 0xcd, 0xa2, 0x12, 0x7a, + 0x7f, 0xee, 0x05, 0xf6, 0x96, 0xa8, 0x12, 0x20, 0x0f, 0xa0, 0x72, 0xc2, 0xa4, 0xe7, 0x7b, 0xd2, + 0x6b, 0xc2, 0x7a, 0xa1, 0x55, 0xdb, 0x68, 0xe7, 0x0a, 0xa3, 0x81, 0xdc, 0x03, 0x2d, 0xb1, 0x13, + 0x49, 0x71, 0x46, 0x47, 0x00, 0xe4, 0x09, 0xd4, 0x3d, 0x29, 0x19, 0x5a, 0x35, 0xe0, 0x51, 0xd2, + 0xac, 0x29, 0xc0, 0x9b, 0xf3, 0x01, 0xef, 0x1b, 0x52, 0x29, 0xe8, 0x04, 0x90, 0x7d, 0x0f, 0x1a, + 0x13, 0x67, 0x92, 0x35, 0x28, 0x3c, 0x63, 0x67, 0xa9, 0x63, 0x28, 0x2e, 0xc9, 0x5b, 0xb0, 0xf2, + 0xdc, 0x0b, 0x87, 0x4c, 0xf9, 0xa0, 0x4e, 0xd3, 0xcd, 0xdd, 0xe5, 0x3b, 0x96, 0xfd, 0x14, 0xde, + 0x38, 0x87, 0x3f, 0x03, 0xe0, 0xc7, 0x26, 0x40, 0x6d, 0xe3, 0x83, 0x9c, 0x5b, 0x9b, 0x70, 0xc6, + 0x49, 0x9d, 0x0a, 0x94, 0x84, 0x52, 0xc8, 0xf9, 0x9d, 0x05, 0x6b, 0xd3, 0xae, 0x26, 0x5d, 0xed, + 0x24, 0x4b, 0x99, 0xe5, 0xf6, 0x05, 0xa2, 0x04, 0x09, 0xda, 0x30, 0x0a, 0xc2, 0xde, 0x84, 0xea, + 0x88, 0x34, 0xcf, 0x18, 0x55, 0xe3, 0x8a, 0xce, 0x26, 0x14, 0x28, 0xeb, 0x93, 0x55, 0x58, 0x0e, + 0x74, 0x5c, 0xd3, 0xe5, 0xc0, 0x27, 0xeb, 0x50, 0xf0, 0x59, 0x5f, 0xab, 0xbe, 0xea, 0xc6, 0xc7, + 0xee, 0x36, 0xeb, 0x07, 0x51, 0x80, 0x2a, 0x52, 0xfc, 0xe4, 0xfc, 0xc1, 0xc2, 0xfc, 0xc0, 0x6b, + 0x91, 0x4f, 0x27, 0xf4, 0x98, 0x1f, 0xed, 0xe7, 0x6e, 0xff, 0x24, 0xff, 0xf6, 0xb7, 0x26, 0x3d, + 0x31, 0x27, 0x05, 0x4c, 0xed, 0xfe, 0x6a, 0x41, 0xdd, 0x74, 0x0e, 0xf9, 0x1c, 0x6a, 0x46, 0x20, + 0xe9, 0x1b, 0xdf, 0x5c, 0xd0, 0xb5, 0xe6, 0x86, 0x9a, 0x38, 0xf6, 0xcf, 0xa0, 0x66, 0x7c, 0x23, + 0xf7, 0xa0, 0x14, 0x44, 0x92, 0x4b, 0xae, 0xb4, 0xc8, 0xcf, 0xbf, 0x6e, 0xf4, 0x98, 0x4b, 0xbe, + 0xb7, 0x44, 0xb5, 0x48, 0xa7, 0x31, 0x81, 0xe5, 0xfc, 0xa7, 0x00, 0xa5, 0x94, 0x87, 0x5c, 0x81, + 0x46, 0x2c, 0x98, 0x1f, 0x60, 0x08, 0x3c, 0x3e, 0x8b, 0x99, 0xb6, 0xd1, 0x24, 0x91, 0xb4, 0xe0, + 0xd2, 0x88, 0x40, 0x59, 0xff, 0x01, 0x3b, 0xd3, 0x5e, 0x9f, 0x26, 0x4f, 0xe0, 0x1d, 0x7a, 0xf2, + 0xa9, 0x2a, 0x31, 0x26, 0x1e, 0x12, 0xc9, 0x0e, 0x54, 0x92, 0xe1, 0xf1, 0x2f, 0x59, 0x4f, 0x62, + 0x39, 0x41, 0x7b, 0x5d, 0x9b, 0xab, 0x8e, 0x7b, 0x94, 0x4a, 0xd0, 0x91, 0xa8, 0xfd, 0xc7, 0x65, + 0x28, 0x6b, 0x2a, 0x79, 0x00, 0xc5, 0x84, 0x85, 0x7d, 0x6d, 0x9d, 0xdb, 0x0b, 0xc3, 0xb9, 0x47, + 0x2c, 0xec, 0xeb, 0x35, 0x56, 0x2c, 0x04, 0x21, 0x7b, 0x50, 0x10, 0xde, 0xa9, 0x8e, 0x8d, 0x5b, + 0x8b, 0x63, 0x51, 0xef, 0x74, 0x0c, 0x85, 0x10, 0x76, 0x03, 0x6a, 0xc6, 0x01, 0x76, 0x08, 0x30, + 0xe6, 0x21, 0x9f, 0x41, 0x69, 0x3b, 0x18, 0xb0, 0x44, 0xaa, 0xa0, 0xa9, 0x76, 0x36, 0xbe, 0xf9, + 0xf6, 0xbd, 0xa5, 0x7f, 0x7d, 0xfb, 0xde, 0x75, 0xa3, 0xad, 0xf0, 0x98, 0x45, 0x3d, 0x1e, 0x49, + 0x2f, 0x88, 0x98, 0xc0, 0xee, 0xf8, 0x91, 0xaf, 0x44, 0xdc, 0x54, 0x92, 0x6a, 0x04, 0x42, 0xa0, + 0x18, 0x79, 0x27, 0x59, 0x36, 0xaa, 0x75, 0xa7, 0x3a, 0x32, 0x8f, 0x23, 0xa1, 0x41, 0x99, 0x1c, + 0x8a, 0x88, 0xb2, 0x5f, 0x0d, 0x91, 0xff, 0x87, 0x59, 0x1d, 0x59, 0x20, 0x9e, 0xd2, 0x0a, 0x4a, + 0xb5, 0x00, 0x69, 0xc1, 0x0a, 0x13, 0x82, 0x0b, 0x6d, 0x1f, 0xe2, 0xa6, 0x2d, 0xdb, 0x15, 0x71, + 0xcf, 0x3d, 0x52, 0x2d, 0x9b, 0xa6, 0x0c, 0xce, 0x1a, 0xac, 0x66, 0xa7, 0x26, 0x31, 0x8f, 0x12, + 0xe6, 0x5c, 0x82, 0x46, 0x37, 0x8a, 0x87, 0x32, 0xd1, 0xf7, 0x70, 0xfe, 0x62, 0xc1, 0x6a, 0x46, + 0x49, 0x79, 0xc8, 0x97, 0x50, 0x1b, 0x57, 0x86, 0xac, 0x04, 0xdc, 0xcd, 0xf5, 0x82, 0x29, 0x6f, + 0x94, 0x15, 0x5d, 0x11, 0x4c, 0x38, 0xfb, 0x21, 0xac, 0x4d, 0x33, 0xcc, 0xa8, 0x0f, 0x57, 0x26, + 0xeb, 0xc3, 0x74, 0xb9, 0x32, 0xea, 0xc1, 0x3f, 0x2c, 0x78, 0x87, 0x32, 0x35, 0x83, 0x74, 0x4f, + 0xbc, 0x01, 0xdb, 0xe2, 0x51, 0x3f, 0x18, 0x64, 0x66, 0x5e, 0x53, 0xb5, 0x30, 0x43, 0xc6, 0xb2, + 0xd8, 0x82, 0xca, 0x61, 0xe8, 0xc9, 0x3e, 0x17, 0x27, 0x1a, 0xbc, 0x8e, 0xe0, 0x19, 0x8d, 0x8e, + 0xbe, 0x92, 0x75, 0xa8, 0x69, 0xe0, 0x03, 0xee, 0x33, 0x9d, 0x49, 0x26, 0x89, 0x34, 0xa1, 0xbc, + 0xcf, 0x07, 0x0f, 0xd1, 0xef, 0x45, 0xf5, 0x35, 0xdb, 0x12, 0x07, 0xea, 0x9a, 0x51, 0xa8, 0xb4, + 0x5e, 0x59, 0xb7, 0x5a, 0x2b, 0x74, 0x82, 0x46, 0xde, 0x85, 0xea, 0x11, 0x4b, 0x92, 0x80, 0x47, + 0xdd, 0xed, 0x66, 0x49, 0xc9, 0x8f, 0x09, 0xce, 0xaf, 0x2d, 0xb0, 0x67, 0xe9, 0xa5, 0x9d, 0x64, + 0xc6, 0xae, 0xf5, 0x9a, 0xb1, 0xfb, 0x36, 0x94, 0x52, 0x74, 0xdd, 0x58, 0xf5, 0xce, 0xf9, 0xf3, + 0x0a, 0xd4, 0x8f, 0xf0, 0x02, 0x99, 0x35, 0x5d, 0x80, 0xb1, 0x13, 0x74, 0xe0, 0x4e, 0xbb, 0xc6, + 0xe0, 0x20, 0x36, 0x54, 0x76, 0x75, 0x90, 0xe8, 0xc4, 0x18, 0xed, 0xc9, 0x17, 0x50, 0xcb, 0xd6, + 0x8f, 0x62, 0xd9, 0x2c, 0xa8, 0x28, 0xbb, 0x93, 0x13, 0x65, 0xe6, 0x4d, 0x5c, 0x43, 0x54, 0xc7, + 0x98, 0x41, 0x21, 0x37, 0xe0, 0x0d, 0x2f, 0x0c, 0xf9, 0xa9, 0x4e, 0x1c, 0x95, 0x02, 0xca, 0x05, + 0x15, 0x7a, 0xfe, 0x03, 0xf9, 0x18, 0xde, 0x34, 0x88, 0xf7, 0x85, 0xf0, 0xce, 0x30, 0x66, 0x4a, + 0x8a, 0x7f, 0xd6, 0x27, 0xec, 0xbd, 0xbb, 0x41, 0xe4, 0x85, 0x4d, 0x50, 0x3c, 0xe9, 0x06, 0x7d, + 0xbe, 0xf3, 0x22, 0xe6, 0x42, 0x32, 0x71, 0x5f, 0x4a, 0xd1, 0xac, 0x29, 0x63, 0x4e, 0xd0, 0xc8, + 0x21, 0xd4, 0xb7, 0xbc, 0xde, 0x53, 0xd6, 0x3d, 0x41, 0x62, 0xd2, 0xac, 0x2b, 0xb5, 0x6f, 0xe4, + 0xa8, 0xad, 0xd8, 0x1f, 0xc5, 0xe6, 0xdc, 0x64, 0x22, 0x90, 0x1e, 0xac, 0x66, 0xaa, 0xa7, 0x79, + 0xd8, 0x6c, 0x28, 0xcc, 0x7b, 0x17, 0x35, 0x65, 0x2a, 0x9d, 0x1e, 0x31, 0x05, 0x89, 0x8e, 0xdc, + 0xc1, 0x94, 0xf3, 0x24, 0x6b, 0xae, 0x2a, 0x9d, 0x47, 0x7b, 0xfb, 0x13, 0x58, 0x9b, 0xf6, 0xc6, + 0x45, 0xc6, 0x15, 0xfb, 0xa7, 0xf0, 0xe6, 0x8c, 0x2b, 0xbc, 0x56, 0x4d, 0xf8, 0x93, 0x05, 0x6f, + 0x9c, 0xb3, 0x1b, 0x96, 0x68, 0xa3, 0xc5, 0xaa, 0x35, 0x39, 0x80, 0x15, 0xf4, 0x4b, 0xd2, 0x5c, + 0x56, 0x46, 0xdb, 0xbc, 0x88, 0x23, 0x5c, 0x25, 0x99, 0x1a, 0x2c, 0x45, 0xb1, 0xef, 0x00, 0x8c, + 0x89, 0x17, 0x1a, 0xda, 0xbe, 0x84, 0x86, 0xf6, 0x8a, 0x4e, 0xf0, 0xb5, 0xf4, 0x89, 0xa0, 0x85, + 0xf1, 0x01, 0x30, 0x6e, 0x19, 0x85, 0x0b, 0xb6, 0x0c, 0xe7, 0x6b, 0xb8, 0x44, 0x99, 0xe7, 0xef, + 0x06, 0x21, 0x7b, 0x75, 0x65, 0xc4, 0x6c, 0x0d, 0xc2, 0x74, 0x6c, 0xc8, 0xb2, 0x55, 0xef, 0xc9, + 0x5d, 0x58, 0xa1, 0x5e, 0x34, 0x60, 0xfa, 0xe8, 0x2b, 0x39, 0x47, 0xab, 0x43, 0x90, 0x97, 0xa6, + 0x22, 0xce, 0x3d, 0xa8, 0x8e, 0x68, 0x58, 0x6b, 0x1e, 0xf5, 0xfb, 0x09, 0x4b, 0xeb, 0x56, 0x81, + 0xea, 0x1d, 0xd2, 0xf7, 0x59, 0x34, 0xd0, 0x47, 0x17, 0xa8, 0xde, 0x39, 0x57, 0x71, 0xc8, 0xce, + 0x6e, 0xae, 0x4d, 0x43, 0xa0, 0xb8, 0x8d, 0x8f, 0x19, 0x4b, 0x25, 0x98, 0x5a, 0x3b, 0x3e, 0xb6, + 0x3a, 0xcf, 0xdf, 0x0e, 0xc4, 0xab, 0x15, 0x6c, 0x42, 0x79, 0x3b, 0x10, 0x86, 0x7e, 0xd9, 0x96, + 0x5c, 0xc5, 0x26, 0xd8, 0x0b, 0x87, 0x3e, 0x6a, 0x2b, 0x99, 0x88, 0x74, 0xb5, 0x9f, 0xa2, 0x3a, + 0x9f, 0xa6, 0x76, 0x54, 0xa7, 0xe8, 0xcb, 0xdc, 0x80, 0x32, 0x8b, 0xa4, 0x08, 0x58, 0xd6, 0x29, + 0x89, 0x9b, 0xbe, 0x3f, 0x5d, 0xf5, 0xfe, 0x54, 0x1d, 0x99, 0x66, 0x2c, 0xce, 0x26, 0x5c, 0x42, + 0x42, 0xbe, 0x23, 0x08, 0x14, 0x8d, 0x4b, 0xaa, 0xb5, 0x73, 0x17, 0xd6, 0xc6, 0x82, 0xfa, 0xe8, + 0xab, 0x50, 0xc4, 0x91, 0x52, 0x17, 0xe2, 0x59, 0xe7, 0xaa, 0xef, 0x4e, 0x03, 0x6a, 0x87, 0x41, + 0x94, 0xf5, 0x44, 0xe7, 0xa5, 0x05, 0xf5, 0x43, 0x1e, 0x8d, 0x7b, 0xc9, 0x21, 0x5c, 0xca, 0x32, + 0xf0, 0xfe, 0x61, 0x77, 0xcb, 0x8b, 0x33, 0x55, 0xd6, 0xcf, 0xbb, 0x59, 0x3f, 0xc4, 0xdd, 0x94, + 0xb1, 0x53, 0xc4, 0xb6, 0x43, 0xa7, 0xc5, 0xc9, 0x4f, 0xa0, 0xbc, 0xbf, 0xdf, 0x51, 0x48, 0xcb, + 0x17, 0x42, 0xca, 0xc4, 0xc8, 0x27, 0x50, 0x7e, 0xa2, 0x7e, 0x1f, 0x48, 0x74, 0x6b, 0x98, 0x11, + 0x72, 0xa9, 0xa2, 0x29, 0x1b, 0x65, 0x3d, 0x2e, 0x7c, 0x9a, 0x09, 0x39, 0xff, 0xb5, 0xa0, 0xf6, + 0xc4, 0x1b, 0xcf, 0x5b, 0x9f, 0x41, 0xc9, 0x7f, 0xed, 0x7e, 0x99, 0x6e, 0x31, 0x8b, 0x43, 0xf6, + 0x9c, 0x85, 0x3a, 0x54, 0xd3, 0x0d, 0x52, 0x93, 0xa7, 0x5c, 0xa4, 0xd9, 0x59, 0xa7, 0xe9, 0x06, + 0xe3, 0xda, 0x67, 0xd2, 0x0b, 0x42, 0x35, 0x68, 0xd7, 0xa9, 0xde, 0xa1, 0xd7, 0x87, 0x22, 0x54, + 0x4d, 0xa9, 0x4a, 0x71, 0x49, 0x1c, 0x28, 0x06, 0x51, 0x9f, 0xab, 0xbe, 0xa3, 0xab, 0xdb, 0x11, + 0x1f, 0x8a, 0x1e, 0xeb, 0x46, 0x7d, 0x4e, 0xd5, 0x37, 0xf2, 0x3e, 0x94, 0x04, 0xa6, 0x51, 0xd2, + 0x2c, 0x2b, 0xa3, 0x54, 0x91, 0x2b, 0x4d, 0x36, 0xfd, 0xc1, 0x59, 0x85, 0x7a, 0xaa, 0xb7, 0x9e, + 0xf8, 0x7e, 0xbb, 0x0c, 0x6f, 0x3e, 0x64, 0xa7, 0x5b, 0x99, 0x5e, 0x99, 0x41, 0xd6, 0xa1, 0x36, + 0xa2, 0x75, 0xb7, 0x75, 0xf8, 0x99, 0x24, 0x3c, 0xec, 0x80, 0x0f, 0x23, 0x99, 0xf9, 0x50, 0x1d, + 0xa6, 0x28, 0x54, 0x7f, 0x20, 0xdf, 0x87, 0xf2, 0x43, 0x26, 0x4f, 0xb9, 0x78, 0xa6, 0xb4, 0x5e, + 0xdd, 0xa8, 0x21, 0xcf, 0x43, 0x26, 0x71, 0x3c, 0xa2, 0xd9, 0x37, 0x9c, 0xb9, 0xe2, 0x6c, 0xe6, + 0x2a, 0xce, 0x9a, 0xb9, 0xb2, 0xaf, 0x64, 0x13, 0x6a, 0x3d, 0x1e, 0x25, 0x52, 0x78, 0x01, 0x1e, + 0xbc, 0xa2, 0x98, 0xbf, 0x83, 0xcc, 0xa9, 0x63, 0xb7, 0xc6, 0x1f, 0xa9, 0xc9, 0x49, 0xae, 0x03, + 0xb0, 0x17, 0x52, 0x78, 0x7b, 0x3c, 0x91, 0x49, 0xb3, 0xa4, 0x2e, 0x0c, 0x28, 0x87, 0x84, 0xee, + 0x21, 0x35, 0xbe, 0x3a, 0x6f, 0xc3, 0x5b, 0x93, 0x16, 0xd1, 0xa6, 0xba, 0x07, 0xdf, 0xa5, 0x2c, + 0x64, 0x5e, 0xc2, 0x2e, 0x6e, 0x2d, 0xc7, 0x86, 0xe6, 0x79, 0x61, 0x0d, 0xfc, 0xbf, 0x02, 0xd4, + 0x76, 0x5e, 0xb0, 0xde, 0x01, 0x4b, 0x12, 0x6f, 0xa0, 0x26, 0xbf, 0x43, 0xc1, 0x7b, 0x2c, 0x49, + 0x46, 0x58, 0x63, 0x02, 0xf9, 0x11, 0x14, 0xbb, 0x51, 0x20, 0x75, 0x9b, 0xbb, 0x9a, 0x3b, 0x78, + 0x07, 0x52, 0x63, 0xe2, 0xdb, 0x09, 0xb7, 0xe4, 0x2e, 0x14, 0xb1, 0x48, 0x2c, 0x52, 0xa8, 0x7d, + 0x43, 0x16, 0x65, 0x48, 0x47, 0xfd, 0x3e, 0x16, 0x7c, 0xc5, 0xb4, 0x97, 0x5a, 0xf9, 0x1d, 0x26, + 0xf8, 0x8a, 0x8d, 0x11, 0xb4, 0x24, 0xd9, 0x81, 0xf2, 0x91, 0xf4, 0x84, 0x64, 0xbe, 0xf6, 0x5e, + 0xde, 0xd3, 0x52, 0x73, 0x8e, 0x51, 0x32, 0x59, 0x34, 0xc2, 0xce, 0x8b, 0x40, 0xea, 0x6c, 0xc8, + 0x33, 0x02, 0xb2, 0x19, 0x8a, 0xe0, 0x16, 0xa5, 0xb7, 0x79, 0xc4, 0x9a, 0xe5, 0xb9, 0xd2, 0xc8, + 0x66, 0x48, 0xe3, 0x16, 0xcd, 0x70, 0x14, 0x0c, 0x70, 0xbe, 0xab, 0xcc, 0x35, 0x43, 0xca, 0x68, + 0x98, 0x21, 0x25, 0x74, 0xca, 0xb0, 0xa2, 0xa6, 0x19, 0xe7, 0xf7, 0x16, 0xd4, 0x0c, 0x3f, 0x2d, + 0x90, 0x77, 0xef, 0x42, 0xf1, 0x80, 0x49, 0x4f, 0xfb, 0xbf, 0xa2, 0xb2, 0x8e, 0x49, 0x8f, 0x2a, + 0x2a, 0x16, 0x8e, 0x5d, 0x3f, 0x2d, 0x8a, 0x0d, 0x8a, 0x4b, 0xa4, 0x3c, 0x96, 0x67, 0xca, 0x65, + 0x15, 0x8a, 0x4b, 0x72, 0x03, 0x2a, 0x47, 0xac, 0x37, 0x14, 0x81, 0x3c, 0x53, 0x4e, 0x58, 0xdd, + 0x58, 0x53, 0xe5, 0x44, 0xd3, 0x54, 0x72, 0x8e, 0x38, 0x9c, 0x07, 0x18, 0x9c, 0xe3, 0x0b, 0x12, + 0x28, 0x6e, 0xe1, 0x7b, 0x07, 0x6f, 0xd6, 0xa0, 0x6a, 0x8d, 0x4f, 0xce, 0x9d, 0x79, 0x4f, 0xce, + 0x9d, 0xec, 0xc9, 0x39, 0xe9, 0x54, 0xec, 0x3e, 0x86, 0x91, 0x9d, 0xfb, 0x50, 0x1d, 0x05, 0x1e, + 0x59, 0x85, 0xe5, 0x5d, 0x5f, 0x9f, 0xb4, 0xbc, 0xeb, 0xa3, 0x2a, 0x3b, 0x8f, 0x76, 0xd5, 0x29, + 0x15, 0x8a, 0xcb, 0x51, 0xaf, 0x2f, 0x18, 0xbd, 0x7e, 0x13, 0x1f, 0xd3, 0x46, 0xf4, 0x21, 0x13, + 0xe5, 0xa7, 0x49, 0x76, 0x65, 0x5c, 0xa7, 0x6a, 0x84, 0x89, 0xc2, 0x52, 0x6a, 0x84, 0x89, 0xf3, + 0x3d, 0x68, 0x4c, 0xf8, 0x0b, 0x99, 0xd4, 0xeb, 0x4d, 0x8f, 0x84, 0xb8, 0xde, 0xf8, 0x67, 0x15, + 0xaa, 0xfb, 0xfb, 0x9d, 0x8e, 0x08, 0xfc, 0x01, 0x23, 0xbf, 0xb1, 0x80, 0x9c, 0x7f, 0x86, 0x91, + 0x5b, 0xf9, 0x99, 0x31, 0xfb, 0x35, 0x6a, 0xdf, 0xbe, 0xa0, 0x94, 0xee, 0xcf, 0x5f, 0xc0, 0x8a, + 0x9a, 0x0d, 0xc9, 0x07, 0x0b, 0xce, 0xf4, 0x76, 0x6b, 0x3e, 0xa3, 0xc6, 0xee, 0x41, 0x25, 0x9b, + 0xaf, 0xc8, 0xf5, 0xdc, 0xeb, 0x4d, 0x8c, 0x8f, 0xf6, 0x87, 0x0b, 0xf1, 0xea, 0x43, 0x7e, 0x01, + 0x65, 0x3d, 0x36, 0x91, 0x6b, 0x73, 0xe4, 0xc6, 0x03, 0x9c, 0x7d, 0x7d, 0x11, 0xd6, 0xb1, 0x1a, + 0xd9, 0x78, 0x94, 0xab, 0xc6, 0xd4, 0xf0, 0x95, 0xab, 0xc6, 0xb9, 0x79, 0xeb, 0x09, 0x14, 0x71, + 0x8e, 0x22, 0x79, 0xf5, 0xc4, 0x18, 0xb4, 0xec, 0x3c, 0x77, 0x4d, 0x0c, 0x60, 0x3f, 0xc7, 0xba, + 0xab, 0xde, 0xa2, 0xf9, 0x15, 0xd7, 0xf8, 0x01, 0xc9, 0xbe, 0xb6, 0x00, 0xe7, 0x18, 0x5e, 0xbf, + 0xe3, 0x5a, 0x0b, 0xfc, 0x8a, 0x33, 0x1f, 0x7e, 0xea, 0xf7, 0x22, 0x0e, 0x75, 0xb3, 0x9d, 0x12, + 0x37, 0x47, 0x74, 0xc6, 0x24, 0x62, 0xb7, 0x17, 0xe6, 0xd7, 0x07, 0x7e, 0x8d, 0x6f, 0x82, 0xc9, + 0x56, 0x4b, 0x36, 0x72, 0xcd, 0x31, 0xb3, 0xa9, 0xdb, 0x37, 0x2f, 0x24, 0xa3, 0x0f, 0xf7, 0xd2, + 0x56, 0xae, 0xdb, 0x35, 0xc9, 0xef, 0x4c, 0xa3, 0x96, 0x6f, 0x2f, 0xc8, 0xd7, 0xb2, 0x3e, 0xb6, + 0x30, 0xce, 0x70, 0x84, 0xcb, 0xc5, 0x36, 0x66, 0xdb, 0xdc, 0x38, 0x33, 0x67, 0xc1, 0x4e, 0xfd, + 0x9b, 0x97, 0x97, 0xad, 0xbf, 0xbf, 0xbc, 0x6c, 0xfd, 0xfb, 0xe5, 0x65, 0xeb, 0xb8, 0xa4, 0xfe, + 0x2b, 0x76, 0xf3, 0xff, 0x01, 0x00, 0x00, 0xff, 0xff, 0x93, 0xc5, 0x33, 0x68, 0x67, 0x1c, 0x00, + 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -3766,15 +3767,10 @@ func (m *InToto) MarshalToSizedBuffer(dAtA []byte) (int, error) { i-- dAtA[i] = 0x1a } - if m.PredicateRef != nil { - { - size, err := m.PredicateRef.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGateway(dAtA, i, uint64(size)) - } + if len(m.PredicateRefKey) > 0 { + i -= len(m.PredicateRefKey) + copy(dAtA[i:], m.PredicateRefKey) + i = encodeVarintGateway(dAtA, i, uint64(len(m.PredicateRefKey))) i-- dAtA[i] = 0x12 } @@ -5371,20 +5367,20 @@ func (m *InitMessage) MarshalToSizedBuffer(dAtA []byte) (int, error) { dAtA[i] = 0x20 } if len(m.Fds) > 0 { - dAtA31 := make([]byte, len(m.Fds)*10) - var j30 int + dAtA30 := make([]byte, len(m.Fds)*10) + var j29 int for _, num := range m.Fds { for num >= 1<<7 { - dAtA31[j30] = uint8(uint64(num)&0x7f | 0x80) + dAtA30[j29] = uint8(uint64(num)&0x7f | 0x80) num >>= 7 - j30++ + j29++ } - dAtA31[j30] = uint8(num) - j30++ + dAtA30[j29] = uint8(num) + j29++ } - i -= j30 - copy(dAtA[i:], dAtA31[:j30]) - i = encodeVarintGateway(dAtA, i, uint64(j30)) + i -= j29 + copy(dAtA[i:], dAtA30[:j29]) + i = encodeVarintGateway(dAtA, i, uint64(j29)) i-- dAtA[i] = 0x1a } @@ -5845,8 +5841,8 @@ func (m *InToto) Size() (n int) { if l > 0 { n += 1 + l + sovGateway(uint64(l)) } - if m.PredicateRef != nil { - l = m.PredicateRef.Size() + l = len(m.PredicateRefKey) + if l > 0 { n += 1 + l + sovGateway(uint64(l)) } l = len(m.PredicatePath) @@ -7878,9 +7874,9 @@ func (m *InToto) Unmarshal(dAtA []byte) error { iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field PredicateRef", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field PredicateRefKey", wireType) } - var msglen int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGateway @@ -7890,27 +7886,23 @@ func (m *InToto) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= int(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthGateway } - postIndex := iNdEx + msglen + postIndex := iNdEx + intStringLen if postIndex < 0 { return ErrInvalidLengthGateway } if postIndex > l { return io.ErrUnexpectedEOF } - if m.PredicateRef == nil { - m.PredicateRef = &Ref{} - } - if err := m.PredicateRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } + m.PredicateRefKey = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex case 3: if wireType != 2 { diff --git a/frontend/gateway/pb/gateway.proto b/frontend/gateway/pb/gateway.proto index 97cb93a29774..ed0937e247d2 100644 --- a/frontend/gateway/pb/gateway.proto +++ b/frontend/gateway/pb/gateway.proto @@ -75,7 +75,7 @@ message Attestations { message InToto { string predicateType = 1; - Ref predicateRef = 2; + string predicateRefKey = 2; string predicatePath = 3; message Subject { diff --git a/frontend/result.go b/frontend/result.go index 8f979e22bea4..a85bd46a477c 100644 --- a/frontend/result.go +++ b/frontend/result.go @@ -5,24 +5,11 @@ import ( "github.com/moby/buildkit/util/attestation" ) -type Attestation interface { - isFrontendAttestation() -} - -type InTotoAttestation struct { - PredicateType string - PredicateRef solver.ResultProxy - PredicatePath string - Subjects []attestation.InTotoSubject -} - -func (a *InTotoAttestation) isFrontendAttestation() {} - type Result struct { Ref solver.ResultProxy Refs map[string]solver.ResultProxy Metadata map[string][]byte - Attestations map[string][]Attestation + Attestations map[string][]attestation.Attestation } func (r *Result) EachRef(fn func(solver.ResultProxy) error) (err error) { @@ -36,15 +23,5 @@ func (r *Result) EachRef(fn func(solver.ResultProxy) error) (err error) { } } } - for _, as := range r.Attestations { - for _, a := range as { - switch a := a.(type) { - case *InTotoAttestation: - if err1 := fn(a.PredicateRef); err1 != nil && err == nil { - err = err1 - } - } - } - } return err } diff --git a/solver/llbsolver/solver.go b/solver/llbsolver/solver.go index 86e0937dd04b..0f27b1f7cde1 100644 --- a/solver/llbsolver/solver.go +++ b/solver/llbsolver/solver.go @@ -203,11 +203,15 @@ func (s *Solver) Solve(ctx context.Context, id string, sessionID string, req fro var exporterResponse map[string]string if e := exp.Exporter; e != nil { inp := exporter.Source{ - Metadata: res.Metadata, + Metadata: res.Metadata, + Attestations: res.Attestations, } if inp.Metadata == nil { inp.Metadata = make(map[string][]byte) } + if inp.Attestations == nil { + inp.Attestations = make(map[string][]attestation.Attestation) + } var cr solver.CachedResult var crMap = map[string]solver.CachedResult{} if res := res.Ref; res != nil { @@ -242,47 +246,6 @@ func (s *Solver) Solve(ctx context.Context, id string, sessionID string, req fro } inp.Refs = m } - if res.Attestations != nil { - m := make(map[string][]exporter.Attestation, len(res.Attestations)) - for k, as := range res.Attestations { - for _, a := range as { - switch a := a.(type) { - case *frontend.InTotoAttestation: - r, err := a.PredicateRef.Result(ctx) - if err != nil { - return nil, err - } - workerRef, ok := r.Sys().(*worker.WorkerRef) - if !ok { - return nil, errors.Errorf("invalid reference: %T", r.Sys()) - } - - subjects := make([]attestation.InTotoSubject, len(a.Subjects)) - for i, s := range a.Subjects { - switch s := s.(type) { - case *attestation.InTotoSubjectSelf: - subjects[i] = &attestation.InTotoSubjectSelf{} - case *attestation.InTotoSubjectRaw: - subjects[i] = &attestation.InTotoSubjectRaw{ - Name: s.Name, - Digest: s.Digest, - } - default: - return nil, errors.Errorf("unknown attestation subject type %T", s) - } - } - - m[k] = append(m[k], &exporter.InTotoAttestation{ - PredicateType: a.PredicateType, - PredicateRef: workerRef.ImmutableRef, - PredicatePath: a.PredicatePath, - Subjects: subjects, - }) - } - } - } - inp.Attestations = m - } if _, ok := asInlineCache(exp.CacheExporter); ok { if err := inBuilderContext(ctx, j, "preparing layers for inline cache", j.SessionID+"-cache-inline", func(ctx context.Context, _ session.Group) error { if cr != nil { diff --git a/util/attestation/subject.go b/util/attestation/attestation.go similarity index 73% rename from util/attestation/subject.go rename to util/attestation/attestation.go index ebd327604567..8ee67e4d6198 100644 --- a/util/attestation/subject.go +++ b/util/attestation/attestation.go @@ -4,6 +4,19 @@ import ( digest "github.com/opencontainers/go-digest" ) +type Attestation interface { + isAttestation() +} + +type InTotoAttestation struct { + PredicateType string + PredicateRefKey string + PredicatePath string + Subjects []InTotoSubject +} + +func (a *InTotoAttestation) isAttestation() {} + type InTotoSubject interface { isInTotoSubject() } diff --git a/util/attestation/attestations.go b/util/attestation/types.go similarity index 100% rename from util/attestation/attestations.go rename to util/attestation/types.go