[backend] Add builder, invocation and metadata to ...

... provenance file.
openSUSE · Apr 25, 2022 · b4629c8 · b4629c8
1 parent 4c8d487
commit b4629c8
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 0 deletions.
diff --git a/src/backend/bs_worker b/src/backend/bs_worker
@@ -3235,6 +3235,25 @@ sub generate_slsa_provenance_statement {
     'subject' => $subject,
     'predicateType' => 'https://slsa.dev/provenance/v0.2',
     'predicate' => {
+      'builder' => {
+        'id' => $buildinfo->{'srcserver'}
+      },
+      'buildType' => 'https://open-build-server/worker',
+      'invocation' => {
+        'configSource' => {
+          'uri' => BSHTTP::urlencode("$buildinfo->{'srcserver'}/source/$buildinfo->{'project'}/$buildinfo->{'package'}")."?rev=$buildinfo->{'srcmd5'}",
+          'digest' => { 'md5' => $buildinfo->{'srcmd5'} }, # TODO: change to sha256
+          'entryPoint' => $buildinfo->{'file'},
+        },
+      },
+      'metadata' => {
+        'completeness' => {
+          'parameters' => 1,
+          'environment' => 1,
+          'materials' => 1,
+        },
+        'reproducible' => 0,
+      },
       'materials' => $buildinfo->{'materials'} || [],
     },
   };

diff --git a/src/backend/t/1000-bs_worker.t b/src/backend/t/1000-bs_worker.t
@@ -27,6 +27,7 @@ my $buildinfo = {
   package    => 'package1',
   srcmd5     => 'f157738ddea737a2b7479996175a6cec',
   verifymd5  => 'f157738ddea737a2b7479996175a6cec',
+  file       => 'hello_world.spec',
   bdep       => [
                   {
                     'notmeta' => '1',
@@ -199,6 +200,25 @@ my $expected_statement = {
   ],
   'predicateType' => 'https://slsa.dev/provenance/v0.2',
   'predicate' => {
+    'buildType' => 'https://open-build-server/worker',
+    'builder' => {
+      'id' => 'srcserver',
+    },
+    'invocation' => {
+      'configSource' => {
+        'uri' => 'srcserver/source/project1/package1?rev=f157738ddea737a2b7479996175a6cec',
+        'digest' => { 'md5' => 'f157738ddea737a2b7479996175a6cec' },
+        'entryPoint' => 'hello_world.spec',
+      },
+    },
+    'metadata' => {
+      'completeness' => {
+        'parameters' => 1,
+        'environment' => 1,
+        'materials' => 1,
+      },
+      'reproducible' => 0,
+    },
     'materials' => $expected_materials,
   }
 };