feat: custom annotations (#278)

Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>

Author: migmartri

app/cli/api/attestation/v1/crafting_state.pb.go

@@ -47,6 +47,9 @@ message Attestation {
         // leveraging a form of inline CAS 
         bool inline_cas = 8;
 
+        // Annotations for the material
+        map<string, string> annotations = 9 [(validate.rules).map.values.string.min_len = 1];
+
         message KeyVal {
             string id = 1 [(validate.rules).string.min_len = 1];
             string value = 2 [(validate.rules).string.min_len = 1];

app/cli/api/attestation/v1/crafting_state.pb.validate.go

@@ -24,6 +24,7 @@ import (
 	"github.com/chainloop-dev/chainloop/app/cli/internal/action"
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/jedib0t/go-pretty/v6/text"
+	"github.com/muesli/reflow/wrap"
 	"github.com/spf13/cobra"
 )
 
@@ -134,12 +135,21 @@ func predicateV1Table(att *action.WorkflowRunAttestationItem) {
 		mt := newTableWriter()
 		mt.SetTitle("Materials")
 
-		header := table.Row{"Name", "Type", "Value"}
-		mt.AppendHeader(header)
-
 		for _, m := range materials {
-			row := table.Row{m.Name, m.Type, m.Value}
-			mt.AppendRow(row)
+			mt.AppendRow(table.Row{"Name", m.Name})
+			mt.AppendRow(table.Row{"Type", m.Type})
+			mt.AppendRow(table.Row{"Value", wrap.String(m.Value, 100)})
+			if m.Hash != "" {
+				mt.AppendRow(table.Row{"Digest", m.Hash})
+			}
+
+			if len(m.Annotations) > 0 {
+				mt.AppendRow(table.Row{"Annotations", "------"})
+				for _, a := range m.Annotations {
+					mt.AppendRow(table.Row{"", fmt.Sprintf("%s: %s", a.Name, a.Value)})
+				}
+			}
+			mt.AppendSeparator()
 		}
 
 		mt.Render()

app/cli/api/attestation/v1/crafting_state.proto

@@ -19,6 +19,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"sort"
 	"time"
 
 	pb "github.com/chainloop-dev/chainloop/app/controlplane/api/controlplane/v1"
@@ -51,12 +52,20 @@ type WorkflowRunAttestationItem struct {
 }
 
 type Material struct {
+	Name string `json:"name"`
+	// filename, container image name, string value, ...
+	Value       string        `json:"value"`
+	Hash        string        `json:"hash"`
+	Type        string        `json:"type"`
+	Annotations []*Annotation `json:"annotations,omitempty"`
+}
+
+type EnvVar struct {
 	Name  string `json:"name"`
 	Value string `json:"value"`
-	Type  string `json:"type"`
 }
 
-type EnvVar struct {
+type Annotation struct {
 	Name  string `json:"name"`
 	Value string `json:"value"`
 }
@@ -120,7 +129,7 @@ func (action *WorkflowRunDescribe) Run(runID string, verify bool, publicKey stri
 
 	materials := make([]*Material, 0, len(attestation.GetMaterials()))
 	for _, v := range attestation.GetMaterials() {
-		materials = append(materials, &Material{Name: v.Name, Value: v.Value, Type: v.Type})
+		materials = append(materials, materialPBToAction(v))
 	}
 
 	item.Attestation = &WorkflowRunAttestationItem{
@@ -134,6 +143,30 @@ func (action *WorkflowRunDescribe) Run(runID string, verify bool, publicKey stri
 	return item, nil
 }
 
+func materialPBToAction(in *pb.AttestationItem_Material) *Material {
+	m := &Material{
+		Name:  in.Name,
+		Value: in.Value,
+		Type:  in.Type,
+		Hash:  in.Hash,
+	}
+
+	// append annotations sorted
+	if in.Annotations != nil {
+		keys := make([]string, 0, len(in.Annotations))
+		for k := range in.Annotations {
+			keys = append(keys, k)
+		}
+		sort.Strings(keys)
+
+		for _, k := range keys {
+			m.Annotations = append(m.Annotations, &Annotation{Name: k, Value: in.Annotations[k]})
+		}
+	}
+
+	return m
+}
+
 func verifyEnvelope(ctx context.Context, e *dsse.Envelope, publicKey string) error {
 	// Currently we only support basic cosign public key check
 	// TODO: Add more verification methods

app/cli/cmd/workflow_workflow_run_describe.go

@@ -65,9 +65,12 @@ message AttestationItem {
 
   message Material {
     string name = 1; 
+    // This might be the raw value, the container image name, the filename and so on
     string value = 2; 
     // Material type, i.e ARTIFACT
     string type = 3; 
+    map<string, string> annotations = 4;
+    string hash = 5; 
   }
 }