github.com/redhat-appstudio/e2e-tests@v0.0.0-20240520140907-9709f6f59323/pkg/utils/tekton/cosign_results.go (about) 1 package tekton 2 3 import ( 4 "fmt" 5 "strings" 6 ) 7 8 type CosignResult struct { 9 SignatureImageRef string 10 AttestationImageRef string 11 } 12 13 // FindCosignResultsForImage looks for .sig and .att image tags in the OpenShift image stream for the provided image reference. 14 // If none can be found errors.IsNotFound(err) is true, when err is nil CosignResult contains image references for signature and attestation images, otherwise other errors could be returned. 15 func FindCosignResultsForImage(imageRef string) (*CosignResult, error) { 16 var errMsg string 17 // Split the image ref into image repo+tag (e.g quay.io/repo/name:tag), and image digest (sha256:abcd...) 18 imageInfo := strings.Split(imageRef, "@") 19 imageRegistryName := strings.Split(imageInfo[0], "/")[0] 20 // imageRepoName is stripped from container registry name and a tag e.g. "quay.io/<org>/<repo>:tagprefix" => "<org>/<repo>" 21 imageRepoName := strings.Split(strings.TrimPrefix(imageInfo[0], fmt.Sprintf("%s/", imageRegistryName)), ":")[0] 22 // Cosign creates tags for attestation and signature based on the image digest. Compute 23 // the expected prefix for later usage: sha256:abcd... -> sha256-abcd... 24 // Also, this prefix is really the prefix of the image tag resource which follows the 25 // format: <image-repo>:<tag-name> 26 imageTagPrefix := strings.Replace(imageInfo[1], ":", "-", 1) 27 28 results := CosignResult{} 29 signatureTag, err := getImageInfoFromQuay(imageRepoName, imageTagPrefix+".sig") 30 if err != nil { 31 errMsg += fmt.Sprintf("error when getting signature tag: %+v\n", err) 32 } else { 33 results.SignatureImageRef = signatureTag.ImageRef 34 } 35 36 attestationTag, err := getImageInfoFromQuay(imageRepoName, imageTagPrefix+".att") 37 if err != nil { 38 errMsg += fmt.Sprintf("error when getting attestation tag: %+v\n", err) 39 } else { 40 results.AttestationImageRef = attestationTag.ImageRef 41 } 42 43 if len(errMsg) > 0 { 44 return &results, fmt.Errorf("failed to find cosign results for image %s: %s", imageRef, errMsg) 45 } 46 47 return &results, nil 48 } 49 50 // IsPresent checks if CosignResult is present. 51 func (c CosignResult) IsPresent() bool { 52 return c.SignatureImageRef != "" && c.AttestationImageRef != "" 53 } 54 55 // Missing checks if CosignResult is missing. 56 func (c CosignResult) Missing(prefix string) string { 57 var ret []string = make([]string, 0, 2) 58 if c.SignatureImageRef == "" { 59 ret = append(ret, prefix+".sig") 60 } 61 62 if c.AttestationImageRef == "" { 63 ret = append(ret, prefix+".att") 64 } 65 66 return strings.Join(ret, " and ") 67 }