It happens when the policy has optional arguments and none are specified in the contract. The current logic compares already evaluated policies with arguments with reflect.DeepEqual which differentiates between nil and empty maps.
As a consequence, the the evaluation is stored twice (att init and push).
"policyEvaluations": {
"CHAINLOOP.ATTESTATION": [
{
"description": "Verifies that the attestation explicitly references a specific Git commit",
"name": "source-commit",
"policyReference": {
"annotations": {
"name": "source-commit",
"organization": ""
},
"digest": {
"sha256": "8158b8b4e4245524bbf4b40697916e8a6be546ad0a973aab32637ba9c5ce547c"
},
"name": "source-commit",
"uri": "chainloop://chainloop-ee-backend:80/source-commit"
},
"skipped": false,
"type": "ATTESTATION",
"violations": [
{
"message": "missing commit in statement",
"subject": "source-commit"
}
]
},
{
"description": "Verifies that the attestation explicitly references a specific Git commit",
"name": "source-commit",
"policyReference": {
"annotations": {
"name": "source-commit",
"organization": ""
},
"digest": {
"sha256": "8158b8b4e4245524bbf4b40697916e8a6be546ad0a973aab32637ba9c5ce547c"
},
"name": "source-commit",
"uri": "chainloop://chainloop-ee-backend:80/source-commit"
},
"skipped": false,
"type": "ATTESTATION",
"violations": [
{
"message": "missing commit in statement",
"subject": "source-commit"
}
]
}
]
It happens when the policy has optional arguments and none are specified in the contract. The current logic compares already evaluated policies with arguments with
reflect.DeepEqualwhich differentiates betweenniland empty maps.As a consequence, the the evaluation is stored twice (att init and push).