feat: brings back local attestation protection (#510)

Signed-off-by: Miguel Martinez Trivino <[email protected]>

Author: migmartri

app/cli/cmd/attestation_init.go

@@ -26,6 +26,7 @@ import (
 
 func newAttestationInitCmd() *cobra.Command {
 	var (
+		force             bool
 		contractRevision  int
 		attestationDryRun bool
 	)
@@ -41,6 +42,7 @@ func newAttestationInitCmd() *cobra.Command {
 				&action.AttestationInitOpts{
 					ActionsOpts: actionOpts,
 					DryRun:      attestationDryRun,
+					Force:       force,
 				},
 			)
 			if err != nil {
@@ -76,6 +78,8 @@ func newAttestationInitCmd() *cobra.Command {
 		},
 	}
 
+	// This option is only useful for local-based attestation states
+	cmd.Flags().BoolVarP(&force, "replace", "f", false, "replace any existing in-progress attestation")
 	cmd.Flags().BoolVar(&attestationDryRun, "dry-run", false, "do not record attestation in the control plane, useful for development")
 	cmd.Flags().IntVar(&contractRevision, "contract-revision", 0, "revision of the contract to retrieve, \"latest\" by default")
 

app/cli/internal/action/attestation_init.go

@@ -29,12 +29,16 @@ import (
 type AttestationInitOpts struct {
 	*ActionsOpts
 	DryRun bool
+	// Force the initialization and override any existing, in-progress ones.
+	// Note that this is only useful when local-based attestation state is configured
+	// since it's a protection to make sure you don't override the state by mistake
+	Force bool
 }
 
 type AttestationInit struct {
 	*ActionsOpts
-	dryRun bool
-	c      *crafter.Crafter
+	dryRun, force bool
+	c             *crafter.Crafter
 }
 
 // ErrAttestationAlreadyExist means that there is an attestation in progress
@@ -58,6 +62,7 @@ func NewAttestationInit(cfg *AttestationInitOpts) (*AttestationInit, error) {
 		ActionsOpts: cfg.ActionsOpts,
 		c:           c,
 		dryRun:      cfg.DryRun,
+		force:       cfg.Force,
 	}, nil
 }
 
@@ -67,6 +72,14 @@ func (action *AttestationInit) Run(ctx context.Context, contractRevision int) (s
 		return "", errors.New("remote state is not compatible with dry-run mode")
 	}
 
+	// During local initializations we need to make sure if there is already an attestation in progress
+	// If it is and we are not "forcing" the initialization, we should return an error
+	if !action.UseAttestationRemoteState && !action.force {
+		if initialized, _ := action.c.AlreadyInitialized(ctx, ""); initialized {
+			return "", ErrAttestationAlreadyExist
+		}
+	}
+
 	action.Logger.Debug().Msg("Retrieving attestation definition")
 	client := pb.NewAttestationServiceClient(action.ActionsOpts.CPConnection)
 	// get information of the workflow