From ec1c994f04bb80cf5a4236eb41a0e603bb6efa4b Mon Sep 17 00:00:00 2001 From: James Carnegie Date: Thu, 16 May 2024 15:34:19 +0100 Subject: [PATCH] Use id/policy-id in mapping.yaml (#32) --- pkg/policy/policy.go | 10 +++++----- pkg/policy/testdata/mock-tuf-allow/mapping.yaml | 2 +- pkg/policy/testdata/mock-tuf-deny/mapping.yaml | 2 +- pkg/policy/testdata/mock-tuf-verify-sig/mapping.yaml | 2 +- pkg/policy/testdata/mock-tuf-wrong-key/mapping.yaml | 2 +- test/testdata/local-policy/mapping.yaml | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/pkg/policy/policy.go b/pkg/policy/policy.go index bb6a963..3086515 100644 --- a/pkg/policy/policy.go +++ b/pkg/policy/policy.go @@ -28,7 +28,7 @@ type PolicyMappings struct { } type PolicyMapping struct { - Name string `json:"namespace"` + Id string `json:"id"` Description string `json:"description"` Origin PolicyOrigin `json:"origin"` Files []PolicyMappingFile `json:"files"` @@ -39,8 +39,8 @@ type PolicyMappingFile struct { } type PolicyMirror struct { - Name string `json:"name"` - Mirror MirrorSpec `json:"mirror"` + PolicyId string `json:"policy-id"` + Mirror MirrorSpec `json:"mirror"` } type MirrorSpec struct { @@ -152,7 +152,7 @@ func findPolicyMatch(named reference.Named, mappings *PolicyMappings) (*PolicyMa if slices.Contains(mirror.Mirror.Domains, reference.Domain(named)) && strings.HasPrefix(reference.Path(named), mirror.Mirror.Prefix) { for _, mapping := range mappings.Policies { - if mapping.Name == mirror.Name { + if mapping.Id == mirror.PolicyId { return &mapping, nil } } @@ -189,7 +189,7 @@ func ResolvePolicy(ctx context.Context, resolver oci.AttestationResolver, opts * // it's a mirror of a tuf policy if mirror != nil { for _, mapping := range tufMappings.Policies { - if mapping.Name == mirror.Name { + if mapping.Id == mirror.PolicyId { return resolveTufPolicy(opts, &mapping) } } diff --git a/pkg/policy/testdata/mock-tuf-allow/mapping.yaml b/pkg/policy/testdata/mock-tuf-allow/mapping.yaml index 794a132..1aa09d7 100644 --- a/pkg/policy/testdata/mock-tuf-allow/mapping.yaml +++ b/pkg/policy/testdata/mock-tuf-allow/mapping.yaml @@ -5,7 +5,7 @@ policies: - origin: domain: docker.io prefix: library/ - name: docker-official-images + id: docker-official-images description: Docker Official Images files: - path: doi/policy.rego diff --git a/pkg/policy/testdata/mock-tuf-deny/mapping.yaml b/pkg/policy/testdata/mock-tuf-deny/mapping.yaml index 794a132..1aa09d7 100644 --- a/pkg/policy/testdata/mock-tuf-deny/mapping.yaml +++ b/pkg/policy/testdata/mock-tuf-deny/mapping.yaml @@ -5,7 +5,7 @@ policies: - origin: domain: docker.io prefix: library/ - name: docker-official-images + id: docker-official-images description: Docker Official Images files: - path: doi/policy.rego diff --git a/pkg/policy/testdata/mock-tuf-verify-sig/mapping.yaml b/pkg/policy/testdata/mock-tuf-verify-sig/mapping.yaml index 794a132..1aa09d7 100644 --- a/pkg/policy/testdata/mock-tuf-verify-sig/mapping.yaml +++ b/pkg/policy/testdata/mock-tuf-verify-sig/mapping.yaml @@ -5,7 +5,7 @@ policies: - origin: domain: docker.io prefix: library/ - name: docker-official-images + id: docker-official-images description: Docker Official Images files: - path: doi/policy.rego diff --git a/pkg/policy/testdata/mock-tuf-wrong-key/mapping.yaml b/pkg/policy/testdata/mock-tuf-wrong-key/mapping.yaml index 794a132..1aa09d7 100644 --- a/pkg/policy/testdata/mock-tuf-wrong-key/mapping.yaml +++ b/pkg/policy/testdata/mock-tuf-wrong-key/mapping.yaml @@ -5,7 +5,7 @@ policies: - origin: domain: docker.io prefix: library/ - name: docker-official-images + id: docker-official-images description: Docker Official Images files: - path: doi/policy.rego diff --git a/test/testdata/local-policy/mapping.yaml b/test/testdata/local-policy/mapping.yaml index 8a928d7..1e2d18f 100644 --- a/test/testdata/local-policy/mapping.yaml +++ b/test/testdata/local-policy/mapping.yaml @@ -5,14 +5,14 @@ policies: - origin: domain: docker.io prefix: library/ - name: test-images + id: test-images description: Local test images files: - path: doi/data.yaml - path: doi/policy.rego mirrors: - - name: test-images + - policy-id: test-images mirror: domains: [localhost:5001] prefix: ""