feat: adding omnitrail attestor (#256)
* feat: adding omnitrail attestor

---------

Signed-off-by: Frederick Kautz <[email protected]>
fkautz authored Jun 11, 2024
1 parent b466e28 commit 62e34c9
Showing 5 changed files with 224 additions and 0 deletions.
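--- a/attestation/omnitrail/omnitrail.go
+++ b/attestation/omnitrail/omnitrail.go
@@ -0,0 +1,72 @@
+// Copyright 2024 The Witness Contributors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package omnitrail
+
+import (
+ot "github.com/fkautz/omnitrail-go"
+"github.com/in-toto/go-witness/attestation"
+"github.com/invopop/jsonschema"
+)
+
+const (
+Name = "omnitrail"
+Type = "https://witness.dev/attestations/omnitrail/v0.1"
+RunType = attestation.PreMaterialRunType
+)
+
+func init() {
+attestation.RegisterAttestation(Name, Type, RunType, func() attestation.Attestor {
+return NewOmnitrailAttestor()
+})
+}
+
+type Attestor struct {
+Envelope *ot.Envelope `json:"Envelope"`
+}
+
+func NewOmnitrailAttestor() *Attestor {
+return &Attestor{}
+}
+
+// Attest implements attestation.Attestor.
+func (o *Attestor) Attest(ctx *attestation.AttestationContext) error {
+trail := ot.NewTrail()
+err := trail.Add(ctx.WorkingDir())
+if err != nil {
+return err
+}
+o.Envelope = trail.Envelope()
+return nil
+}
+
+// Name implements attestation.Attestor.
+func (o *Attestor) Name() string {
+return Name
+}
+
+// RunType implements attestation.Attestor.
+func (o *Attestor) RunType() attestation.RunType {
+return RunType
+}
+
+// // Schema implements attestation.Attestor.
+func (o *Attestor) Schema() *jsonschema.Schema {
+return jsonschema.Reflect(&o)
+}
+
+// Type implements attestation.Attestor.
+func (o *Attestor) Type() string {
+return Type
+}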
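Review bot: `Attest` passes the whole of `ctx.WorkingDir()` to `trail.Add` with no filter, and the schema generated in this same commit gives every envelope element an optional `posix` object (owner uid/gid, inode, device id, atime/ctime, extended attributes). If omnitrail-go populates those fields by default (not visible from this file), the signed attestation will carry host-specific, non-reproducible metadata for every file under the working directory, including files unrelated to the build. That contract should be stated on the method, for example `// Attest records an OmniTrail envelope for every path under ctx.WorkingDir(); entries may include POSIX metadata of the build host.`, so policy authors know what they are verifying against. Separately, `Schema` reflects `&o`, a pointer to the pointer receiver, where `jsonschema.Reflect(o)` would suffice, and the doubled `// //` on its doc comment is a typo.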
2 changes: 2 additions & 0 deletions go.mod
Expand Up @@ -61,6 +61,7 @@ require (
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fkautz/omnitrail-go v0.0.0-20230808061951-37d34c23539d // indirect
github.com/go-ini/ini v1.67.0 // indirect
github.com/go-jose/go-jose/v4 v4.0.1 // indirect
github.com/go-logr/logr v1.4.1 // indirect
Expand All @@ -83,6 +84,7 @@ require (
github.com/mailru/easyjson v0.7.7 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/omnibor/omnibor-go v0.0.0-20230521145532-a77de61a16cd // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
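Review bot: `github.com/fkautz/omnitrail-go` is added with a `// indirect` marker in the first hunk, but attestation/omnitrail/omnitrail.go in this commit imports it directly as `ot`, so it should sit in the direct require block without that comment (running `go mod tidy` would be expected to move it). The module is also pinned to an untagged pseudo-version, `v0.0.0-20230808061951-37d34c23539d`, and its output becomes signed attestation content; it would help to record in the PR which upstream commit was reviewed and to move to a tagged release once one exists. The same applies to the transitive `github.com/omnibor/omnibor-go` pseudo-version in the second hunk. Both require blocks start and end outside the visible hunks.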
4 changes: 4 additions & 0 deletions go.sum
Expand Up @@ -118,6 +118,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/fkautz/omnitrail-go v0.0.0-20230808061951-37d34c23539d h1:p4DOjnN5IAuUhtksK+RuwR2q3VclzeI1+zh+AfNFFjw=
github.com/fkautz/omnitrail-go v0.0.0-20230808061951-37d34c23539d/go.mod h1:To+426All36lUwebm2u5Qptl3daW1Nnk+LHrkTFhiWQ=
github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw=
github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g=
github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
Expand Down Expand Up @@ -251,6 +253,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/omnibor/omnibor-go v0.0.0-20230521145532-a77de61a16cd h1:25EpGVgctk6V3DUa1gqFHvjVbmdWqM+jBZAed7p/krQ=
github.com/omnibor/omnibor-go v0.0.0-20230521145532-a77de61a16cd/go.mod h1:ArlQivzDQvZnFe8itjlA3ndPTXd9iWOgqzF31OyIEFQ=
github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg=
github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
github.com/open-policy-agent/opa v0.61.0 h1:nhncQ2CAYtQTV/SMBhDDPsCpCQsUW+zO/1j+T5V7oZg=
1 change: 1 addition & 0 deletions imports.go
Expand Up @@ -29,6 +29,7 @@ import (
_ "github.com/in-toto/go-witness/attestation/material"
_ "github.com/in-toto/go-witness/attestation/maven"
_ "github.com/in-toto/go-witness/attestation/oci"
_ "github.com/in-toto/go-witness/attestation/omnitrail"
_ "github.com/in-toto/go-witness/attestation/policyverify"
_ "github.com/in-toto/go-witness/attestation/product"
_ "github.com/in-toto/go-witness/attestation/sarif"
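--- a/schemagen/omnitrail.json
+++ b/schemagen/omnitrail.json
@@ -0,0 +1,145 @@
+{
+"$schema": "https://json-schema.org/draft/2020-12/schema",
+"$ref": "#/$defs/Attestor",
+"$defs": {
+"Attestor": {
+"properties": {
+"Envelope": {
+"$ref": "#/$defs/Envelope"
+}
+},
+"additionalProperties": false,
+"type": "object",
+"required": [
+"Envelope"
+]
+},
+"Element": {
+"properties": {
+"type": {
+"type": "string"
+},
+"sha1": {
+"type": "string"
+},
+"sha256": {
+"type": "string"
+},
+"gitoid:sha1": {
+"type": "string"
+},
+"gitoid:sha256": {
+"type": "string"
+},
+"posix": {
+"$ref": "#/$defs/Posix"
+}
+},
+"additionalProperties": false,
+"type": "object",
+"required": [
+"type"
+]
+},
+"Envelope": {
+"properties": {
+"header": {
+"$ref": "#/$defs/Header"
+},
+"mapping": {
+"additionalProperties": {
+"$ref": "#/$defs/Element"
+},
+"type": "object"
+}
+},
+"additionalProperties": false,
+"type": "object",
+"required": [
+"header",
+"mapping"
+]
+},
+"Feature": {
+"properties": {
+"algorithms": {
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"additionalProperties": false,
+"type": "object"
+},
+"Header": {
+"properties": {
+"features": {
+"additionalProperties": {
+"$ref": "#/$defs/Feature"
+},
+"type": "object"
+}
+},
+"additionalProperties": false,
+"type": "object",
+"required": [
+"features"
+]
+},
+"Posix": {
+"properties": {
+"atime": {
+"type": "string"
+},
+"ctime": {
+"type": "string"
+},
+"creation_time": {
+"type": "string"
+},
+"extended_attributes": {
+"type": "string"
+},
+"file_device_id": {
+"type": "string"
+},
+"file_flags": {
+"type": "string"
+},
+"file_inode": {
+"type": "string"
+},
+"file_system_id": {
+"type": "string"
+},
+"file_type": {
+"type": "string"
+},
+"hard_link_count": {
+"type": "string"
+},
+"mtime": {
+"type": "string"
+},
+"metadata_ctime": {
+"type": "string"
+},
+"owner_gid": {
+"type": "string"
+},
+"owner_uid": {
+"type": "string"
+},
+"permissions": {
+"type": "string"
+},
+"size": {
+"type": "string"
+}
+},
+"additionalProperties": false,
+"type": "object"
+}
+}
+}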
