chore(policies): decouple evaluations representation (#1294)

Signed-off-by: Jose I. Paris <[email protected]>

Author: jiparis

app/cli/cmd/workflow_workflow_run_describe.go

@@ -25,8 +25,7 @@ import (
 	"time"
 
 	"github.com/chainloop-dev/chainloop/app/cli/internal/action"
-	v1 "github.com/chainloop-dev/chainloop/pkg/attestation/crafter/api/attestation/v1"
-	"github.com/chainloop-dev/chainloop/pkg/attestation/renderer"
+	"github.com/chainloop-dev/chainloop/pkg/attestation/renderer/chainloop"
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/jedib0t/go-pretty/v6/text"
 	"github.com/muesli/reflow/wrap"
@@ -196,7 +195,7 @@ func predicateV1Table(att *action.WorkflowRunAttestationItem) {
 					mt.AppendRow(table.Row{"", fmt.Sprintf("%s: %s", a.Name, a.Value)})
 				}
 			}
-			evs := att.PolicyEvaluations[m.Name].GetEvaluations()
+			evs := att.PolicyEvaluations[m.Name]
 			if len(evs) > 0 {
 				mt.AppendSeparator()
 				mt.AppendRow(table.Row{"Policies"})
@@ -221,7 +220,7 @@ func predicateV1Table(att *action.WorkflowRunAttestationItem) {
 		mt.Render()
 	}
 
-	evs := att.PolicyEvaluations[renderer.AttPolicyEvaluation].GetEvaluations()
+	evs := att.PolicyEvaluations[chainloop.AttPolicyEvaluation]
 	if len(evs) > 0 {
 		mt := newTableWriter()
 		mt.SetTitle("Attestation policies")
@@ -230,7 +229,7 @@ func predicateV1Table(att *action.WorkflowRunAttestationItem) {
 	}
 }
 
-func policiesTable(evs []*v1.PolicyEvaluation, mt table.Writer) {
+func policiesTable(evs []*action.PolicyEvaluation, mt table.Writer) {
 	for _, ev := range evs {
 		mt.AppendSeparator()
 		mt.AppendRow(table.Row{"Policy", ev.Name})

app/cli/internal/action/workflow_run_describe.go

@@ -56,7 +56,7 @@ type WorkflowRunAttestationItem struct {
 	// Digest in CAS backend
 	Digest string `json:"digest"`
 	// Policy violations
-	PolicyEvaluations map[string]*pb.PolicyEvaluations `json:"policy_evaluations,omitempty"`
+	PolicyEvaluations map[string][]*PolicyEvaluation `json:"policy_evaluations,omitempty"`
 }
 
 type Material struct {
@@ -81,6 +81,28 @@ type Annotation struct {
 	Value string `json:"value"`
 }
 
+type PolicyEvaluation struct {
+	Name            string             `json:"name"`
+	MaterialName    string             `json:"material_name,omitempty"`
+	Body            string             `json:"body,omitempty"`
+	Description     string             `json:"description,omitempty"`
+	Annotations     map[string]string  `json:"annotations,omitempty"`
+	Violations      []*PolicyViolation `json:"violations,omitempty"`
+	PolicyReference *PolicyReference   `json:"policy_reference,omitempty"`
+	With            map[string]string  `json:"with,omitempty"`
+	Type            string             `json:"type"`
+}
+
+type PolicyViolation struct {
+	Subject string `json:"subject"`
+	Message string `json:"message"`
+}
+
+type PolicyReference struct {
+	Name   string            `json:"name"`
+	Digest map[string]string `json:"digest"`
+}
+
 func (i *WorkflowRunAttestationItem) Statement() *intoto.Statement {
 	return i.statement
 }
@@ -171,19 +193,56 @@ func (action *WorkflowRunDescribe) Run(ctx context.Context, opts *WorkflowRunDes
 		})
 	}
 
+	evaluations := make(map[string][]*PolicyEvaluation)
+	for k, v := range attestation.GetPolicyEvaluations() {
+		evs := make([]*PolicyEvaluation, 0)
+		for _, ev := range v.Evaluations {
+			evs = append(evs, policyEvaluationPBToAction(ev))
+		}
+		evaluations[k] = evs
+	}
+
 	item.Attestation = &WorkflowRunAttestationItem{
 		Envelope:          envelope,
 		statement:         statement,
 		EnvVars:           envVars,
 		Materials:         materials,
 		Annotations:       annotations,
 		Digest:            attestation.DigestInCasBackend,
-		PolicyEvaluations: attestation.PolicyEvaluations,
+		PolicyEvaluations: evaluations,
 	}
 
 	return item, nil
 }
 
+func policyEvaluationPBToAction(in *pb.PolicyEvaluation) *PolicyEvaluation {
+	var pr *PolicyReference
+	if in.PolicyReference != nil {
+		pr = &PolicyReference{
+			Name:   in.PolicyReference.Name,
+			Digest: in.PolicyReference.Digest,
+		}
+	}
+	violations := make([]*PolicyViolation, 0, len(in.Violations))
+	for _, v := range in.Violations {
+		violations = append(violations, &PolicyViolation{
+			Subject: v.Subject,
+			Message: v.Message,
+		})
+	}
+	return &PolicyEvaluation{
+		Name:            in.Name,
+		MaterialName:    in.MaterialName,
+		Body:            in.Body,
+		Description:     in.Description,
+		Annotations:     in.Annotations,
+		With:            in.With,
+		Type:            in.Type,
+		PolicyReference: pr,
+		Violations:      violations,
+	}
+}
+
 func materialPBToAction(in *pb.AttestationItem_Material) *Material {
 	m := &Material{
 		Name:           in.Name,