-
Notifications
You must be signed in to change notification settings - Fork 164
/
main.go
97 lines (88 loc) · 3.2 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
/*
Copyright 2022 The Knative Authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"encoding/json"
"fmt"
"os"
"github.com/spf13/cobra"
"knative.dev/test-infra/tools/provenance-generator/pkg"
)
func main() {
config := pkg.Config{
EntryPointOptsVariable: "ENTRYPOINT_OPTIONS",
}
rootCmd := &cobra.Command{
Long: `Knative SLSA Provenance Generator. This tool reads information from prow and generates a SLSA attestation.
SLSA Specification https://slsa.dev/provenance/v0.2`,
PreRunE: func(cmd *cobra.Command, args []string) error {
//Check if either image-refs or file-checksums is set.
flag1, err := cmd.Flags().GetString("image-refs")
if err != nil {
return err
}
flag2, err := cmd.Flags().GetString("file-checksums")
if err != nil {
return err
}
if flag1 == "" && flag2 == "" {
err = fmt.Errorf("you must specify either image-refs or file-checksums flag")
return err
}
prowUrl, err := cmd.Flags().GetString("prow-url")
if err != nil {
return err
}
config.ProwUrl = prowUrl
return err
},
RunE: func(cmd *cobra.Command, args []string) error {
config = pkg.LoadParameters(config)
attestation := pkg.GenerateAttestation(config)
output, err := cmd.Flags().GetString("output")
if err != nil {
return err
}
predicateOnly, err := cmd.Flags().GetBool("predicate-only")
if err != nil {
return err
}
if predicateOnly {
// Need to move this logic to the bom library
jsonData, err := json.Marshal(attestation.Predicate)
if err != nil {
return err
}
if err := os.WriteFile(output, jsonData, os.FileMode(0o644)); err != nil {
return fmt.Errorf("writing predicate file: %w", err)
}
} else {
if err = attestation.Write(output); err != nil {
return fmt.Errorf("failed to write attestation: %v", err)
}
}
return nil
},
}
rootCmd.Flags().StringVar(&config.CloneLogPath, "clone-log", "", "path to clone.json generated by Prow")
rootCmd.Flags().StringVar(&config.ImageReferencePath, "image-refs", "", "path to the file of the image references generated by ko")
rootCmd.Flags().StringVar(&config.FileCheckSumPath, "file-checksums", "", "path to file checksums generated during the build")
rootCmd.Flags().String("output", "attestation.json", "path to the file where the attestation/predicate will be written to")
rootCmd.Flags().String("prow-url", "https://prow.knative.dev", "the url of the prow server, for example https://prow.knative.dev")
rootCmd.Flags().Bool("predicate-only", true, "Set this to true to generate a Predicate only.")
rootCmd.MarkFlagsMutuallyExclusive("image-refs", "file-checksums")
rootCmd.MarkFlagRequired("clone-log")
if err := rootCmd.Execute(); err != nil {
os.Exit(1)
}
}