From a950ef3b989caabde7733ed0925c42b14fcbb3cb Mon Sep 17 00:00:00 2001
From: Jonny Stoten <jonny.stoten@docker.com>
Date: Fri, 21 Jun 2024 13:37:15 +0100
Subject: [PATCH] Update to attest 0.1.5

---
 go.mod                  | 2 +-
 go.sum                  | 4 ++--
 pkg/handler/validate.go | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index 8999708..c448134 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module github.com/open-policy-agent/gatekeeper-external-data-provider
 go 1.22.1
 
 require (
-	github.com/docker/attest v0.1.5-0.20240618150600-86878482c3d9
+	github.com/docker/attest v0.1.5
 	github.com/google/go-containerregistry v0.19.2
 	github.com/in-toto/in-toto-golang v0.9.0
 	github.com/open-policy-agent/frameworks/constraint v0.0.0-20221214024800-b745745c4118
diff --git a/go.sum b/go.sum
index 3523ed0..5ea01ee 100644
--- a/go.sum
+++ b/go.sum
@@ -200,8 +200,8 @@ github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
 github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
-github.com/docker/attest v0.1.5-0.20240618150600-86878482c3d9 h1:R9vDQpPh1oMP44wMs4SdHjx1ssSqDcOZf8SDhixKLQM=
-github.com/docker/attest v0.1.5-0.20240618150600-86878482c3d9/go.mod h1:SPkBhLmVwKu1XRIHITm9/1Fq80nchhyI5x2fRB5MCwU=
+github.com/docker/attest v0.1.5 h1:ZJQyL9bu7k+qVyKQ2IB7315PWyK0XjXl7Lco3aRTq9U=
+github.com/docker/attest v0.1.5/go.mod h1:SPkBhLmVwKu1XRIHITm9/1Fq80nchhyI5x2fRB5MCwU=
 github.com/docker/cli v26.1.3+incompatible h1:bUpXT/N0kDE3VUHI2r5VMsYQgi38kYuoC0oL9yt3lqc=
 github.com/docker/cli v26.1.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
diff --git a/pkg/handler/validate.go b/pkg/handler/validate.go
index 051bccc..2df85d0 100644
--- a/pkg/handler/validate.go
+++ b/pkg/handler/validate.go
@@ -65,7 +65,7 @@ func validate(w http.ResponseWriter, req *http.Request) {
 
 	for _, key := range providerRequest.Request.Keys {
 		platform := "linux/amd64"
-		resolver, err := oci.NewRegistryAttestationResolver(key, platform)
+		src, err := oci.ParseImageSpec(key, oci.WithPlatform(platform))
 		if err != nil {
 			utils.SendResponse(nil, err.Error(), w)
 			return
@@ -80,7 +80,7 @@ func validate(w http.ResponseWriter, req *http.Request) {
 		ctx := req.Context()
 		debug := true
 		ctx = policy.WithPolicyEvaluator(ctx, policy.NewRegoEvaluator(debug))
-		result, err := attest.Verify(ctx, opts, resolver)
+		result, err := attest.Verify(ctx, src, opts)
 		if err != nil {
 			utils.SendResponse(nil, err.Error(), w)
 			return