diff --git a/app/controlplane/cmd/wire_gen.go b/app/controlplane/cmd/wire_gen.go index 7f9aa272e..3b41343f2 100644 --- a/app/controlplane/cmd/wire_gen.go +++ b/app/controlplane/cmd/wire_gen.go @@ -79,7 +79,7 @@ func wireApp(bootstrap *conf.Bootstrap, readerWriter credentials.ReaderWriter, l } bootstrap_CASServer := bootstrap.CasServer casClientUseCase := biz.NewCASClientUseCase(casCredentialsUseCase, bootstrap_CASServer, logger) - attestationUseCase := biz.NewAttestationUseCase(casClientUseCase, backendProvider, logger) + attestationUseCase := biz.NewAttestationUseCase(casClientUseCase, logger) newWorkflowRunServiceOpts := &service.NewWorkflowRunServiceOpts{ WorkflowRunUC: workflowRunUseCase, WorkflowUC: workflowUseCase, diff --git a/app/controlplane/internal/biz/attestation.go b/app/controlplane/internal/biz/attestation.go index 0265ef9f9..99669622f 100644 --- a/app/controlplane/internal/biz/attestation.go +++ b/app/controlplane/internal/biz/attestation.go @@ -23,9 +23,6 @@ import ( "fmt" "io" - casAPI "github.com/chainloop-dev/chainloop/app/artifact-cas/api/cas/v1" - - backend "github.com/chainloop-dev/chainloop/internal/blobmanager" "github.com/chainloop-dev/chainloop/internal/servicelogger" "github.com/go-kratos/kratos/v2/log" "github.com/secure-systems-lab/go-securesystemslib/dsse" @@ -38,10 +35,6 @@ type Attestation struct { type AttestationUseCase struct { logger *log.Helper CASClient - - // DEPRECATED - // We will remove it once we force all the clients to use the CAS instead - backendProvider backend.Provider } type AttestationRef struct { @@ -51,15 +44,14 @@ type AttestationRef struct { SecretRef string } -func NewAttestationUseCase(client CASClient, p backend.Provider, logger log.Logger) *AttestationUseCase { +func NewAttestationUseCase(client CASClient, logger log.Logger) *AttestationUseCase { if logger == nil { logger = log.NewStdLogger(io.Discard) } return &AttestationUseCase{ - logger: servicelogger.ScopedHelper(logger, "biz/attestation"), - CASClient: client, - backendProvider: p, + logger: servicelogger.ScopedHelper(logger, "biz/attestation"), + CASClient: client, } } @@ -67,23 +59,8 @@ func (uc *AttestationUseCase) FetchFromStore(ctx context.Context, secretID, dige uc.logger.Infow("msg", "downloading attestation", "digest", digest) buf := bytes.NewBuffer(nil) - if uc.CASClient.Configured() { - if err := uc.CASClient.Download(ctx, secretID, buf, digest); err != nil { - return nil, fmt.Errorf("downloading from CAS: %w", err) - } - } else { - uc.logger.Warnw("msg", "no CAS configured, falling back to old mechanism") - - // DEPRECATED - // TODO: remove - downloader, err := uc.backendProvider.FromCredentials(ctx, secretID) - if err != nil { - return nil, err - } - - if err := downloader.Download(ctx, buf, digest); err != nil { - return nil, err - } + if err := uc.CASClient.Download(ctx, secretID, buf, digest); err != nil { + return nil, fmt.Errorf("downloading from CAS: %w", err) } var envelope dsse.Envelope @@ -105,27 +82,8 @@ func (uc *AttestationUseCase) UploadToCAS(ctx context.Context, envelope *dsse.En hash.Write(jsonContent) digest := fmt.Sprintf("%x", hash.Sum(nil)) - if uc.CASClient.Configured() { - if err := uc.CASClient.Upload(ctx, secretID, bytes.NewBuffer(jsonContent), filename, digest); err != nil { - return "", fmt.Errorf("uploading to CAS: %w", err) - } - - return digest, nil - } - - uc.logger.Warnw("msg", "no CAS configured, falling back to old mechanism") - - // fallback to old mechanism, this will be removed once we force all the clients to use the CAS - // TODO: remove - uploader, err := uc.backendProvider.FromCredentials(ctx, secretID) - if err != nil { - return "", err - } - - if err := uploader.Upload(ctx, bytes.NewBuffer(jsonContent), &casAPI.CASResource{ - FileName: filename, Digest: digest, - }); err != nil { - return "", fmt.Errorf("uploading to OCI: %w", err) + if err := uc.CASClient.Upload(ctx, secretID, bytes.NewBuffer(jsonContent), filename, digest); err != nil { + return "", fmt.Errorf("uploading to CAS: %w", err) } return digest, nil diff --git a/app/controlplane/internal/biz/attestation_test.go b/app/controlplane/internal/biz/attestation_test.go index b037e68df..c6fcb7958 100644 --- a/app/controlplane/internal/biz/attestation_test.go +++ b/app/controlplane/internal/biz/attestation_test.go @@ -22,10 +22,8 @@ import ( "io" "testing" - casAPI "github.com/chainloop-dev/chainloop/app/artifact-cas/api/cas/v1" "github.com/chainloop-dev/chainloop/app/controlplane/internal/biz" "github.com/chainloop-dev/chainloop/app/controlplane/internal/biz/mocks" - blobmock "github.com/chainloop-dev/chainloop/internal/blobmanager/mocks" "github.com/google/uuid" "github.com/secure-systems-lab/go-securesystemslib/dsse" "github.com/stretchr/testify/assert" @@ -39,20 +37,6 @@ var envelope = &dsse.Envelope{} const expectedDigest = "f845058d865c3d4d491c9019f6afe9c543ad2cd11b31620cc512e341fb03d3d8" -// Deprecated method -func (s *attestationTestSuite) TestUploadToCASFallbackOCI() { - ctx := context.Background() - s.uploader.On("Upload", ctx, mock.Anything, &casAPI.CASResource{ - FileName: fmt.Sprintf("attestation-%s.json", runID), Digest: expectedDigest, - }).Return(nil) - - s.casClient.On("Configured").Return(false) - - gotDigest, err := s.uc.UploadToCAS(ctx, envelope, "my-secret", runID) - assert.NoError(s.T(), err) - assert.Equal(s.T(), expectedDigest, gotDigest) -} - func (s *attestationTestSuite) TestUploadToCAS() { ctx := context.Background() s.casClient.On( @@ -60,31 +44,11 @@ func (s *attestationTestSuite) TestUploadToCAS() { fmt.Sprintf("attestation-%s.json", runID), expectedDigest, ).Return(nil) - s.casClient.On("Configured").Return(true) - gotDigest, err := s.uc.UploadToCAS(ctx, envelope, "my-secret", runID) assert.NoError(s.T(), err) assert.Equal(s.T(), expectedDigest, gotDigest) } -func (s *attestationTestSuite) TestFetchFromStoreFallbackOCI() { - want := &biz.Attestation{Envelope: &dsse.Envelope{}} - - ctx := context.Background() - s.downloader.On("Download", ctx, mock.Anything, expectedDigest).Return(nil).Run( - func(args mock.Arguments) { - buf := args.Get(1).(io.Writer) - err := json.NewEncoder(buf).Encode(want) - require.NoError(s.T(), err) - }) - - s.casClient.On("Configured").Return(false) - - got, err := s.uc.FetchFromStore(ctx, "my-secret", expectedDigest) - assert.NoError(s.T(), err) - assert.Equal(s.T(), want, got) -} - func (s *attestationTestSuite) TestFetchFromStore() { want := &biz.Attestation{Envelope: &dsse.Envelope{}} @@ -96,8 +60,6 @@ func (s *attestationTestSuite) TestFetchFromStore() { require.NoError(s.T(), err) }) - s.casClient.On("Configured").Return(true) - got, err := s.uc.FetchFromStore(ctx, "my-secret", expectedDigest) assert.NoError(s.T(), err) assert.Equal(s.T(), want, got) @@ -108,22 +70,13 @@ func TestAttestation(t *testing.T) { } func (s *attestationTestSuite) SetupTest() { - backendProvider := blobmock.NewProvider(s.T()) - ociBackend := blobmock.NewUploaderDownloader(s.T()) - backendProvider.On("FromCredentials", mock.Anything, "my-secret").Maybe().Return(ociBackend, nil) - s.casClient = mocks.NewCASClient(s.T()) - s.uc = biz.NewAttestationUseCase(s.casClient, backendProvider, nil) - s.uploader = (*blobmock.Uploader)(ociBackend) - s.downloader = (*blobmock.Downloader)(ociBackend) + s.uc = biz.NewAttestationUseCase(s.casClient, nil) } // Utility struct to hold the test suite type attestationTestSuite struct { suite.Suite - uc *biz.AttestationUseCase - // Deprecated: attestation should use the casclient instead of the blobmanager - uploader *blobmock.Uploader - downloader *blobmock.Downloader - casClient *mocks.CASClient + uc *biz.AttestationUseCase + casClient *mocks.CASClient }