remove comments

Author: mnsboev

evidence/cli/command_build.go

@@ -21,7 +21,6 @@ func NewEvidenceBuildCommand(ctx *components.Context, execute execCommandFunc) E
 }
 
 func (ebc *evidenceBuildCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error {
-	// Check if sigstore-bundle is provided (currently not supported for build evidence)
 	if ebc.ctx.GetStringFlagValue(sigstoreBundle) != "" {
 		return errorutils.CheckErrorf("--sigstore-bundle is currently not supported for build evidence. This feature may be supported in future releases.")
 	}

evidence/cli/command_cli.go

@@ -119,8 +119,6 @@ func validateCreateEvidenceCommonContext(ctx *components.Context) error {
 		return pluginsCommon.WrongNumberOfArgumentsHandler(ctx)
 	}
 
-	// If sigstore-bundle is provided, validate conflicting parameters
-	// We check both IsFlagSet and assertValueProvided to ensure the flag is both set and has a value
 	if ctx.IsFlagSet(sigstoreBundle) && assertValueProvided(ctx, sigstoreBundle) == nil {
 		if err := validateSigstoreBundleConflicts(ctx); err != nil {
 			return err
@@ -146,14 +144,9 @@ func validateCreateEvidenceCommonContext(ctx *components.Context) error {
 	return nil
 }
 
-// validateSigstoreBundleConflicts checks if conflicting parameters are provided when using sigstore-bundle.
-// When --sigstore-bundle is used, the following parameters cannot be provided:
-// --key, --key-alias, --predicate, --predicate-type
-// Returns an error if any conflicting parameters are found.
 func validateSigstoreBundleConflicts(ctx *components.Context) error {
 	var conflictingParams []string
 
-	// Check each conflicting parameter
 	if ctx.IsFlagSet(key) && ctx.GetStringFlagValue(key) != "" {
 		conflictingParams = append(conflictingParams, "--key")
 	}
@@ -203,7 +196,6 @@ func getAndValidateSubject(ctx *components.Context) ([]string, error) {
 	}
 
 	if len(foundSubjects) == 0 {
-		// If sigstore-bundle is provided, subject will be extracted from bundle
 		if ctx.IsFlagSet(sigstoreBundle) && assertValueProvided(ctx, sigstoreBundle) == nil {
 			return []string{subjectRepoPath}, nil // Return subjectRepoPath as the type for routing
 		}

evidence/cli/command_custom.go

@@ -20,7 +20,6 @@ func NewEvidenceCustomCommand(ctx *components.Context, execute execCommandFunc)
 	}
 }
 func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDetails *config.ServerDetails) error {
-	// Validate that subject-sha256 is not used with sigstore-bundle
 	if ecc.ctx.GetStringFlagValue(sigstoreBundle) != "" && ecc.ctx.GetStringFlagValue(subjectSha256) != "" {
 		return errorutils.CheckErrorf("The parameter --subject-sha256 cannot be used with --sigstore-bundle. When using --sigstore-bundle, the subject hash is extracted from the bundle itself.")
 	}

evidence/cli/command_github.go

@@ -20,7 +20,6 @@ func NewEvidenceGitHubCommand(ctx *components.Context, execute execCommandFunc)
 }
 
 func (ebc *evidenceGitHubCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error {
-	// Check if sigstore-bundle is provided (currently not supported for GitHub evidence)
 	if ebc.ctx.GetStringFlagValue(sigstoreBundle) != "" {
 		return errorutils.CheckErrorf("--sigstore-bundle is currently not supported for GitHub evidence. This feature may be supported in future releases.")
 	}

evidence/cli/command_package.go

@@ -21,7 +21,6 @@ func NewEvidencePackageCommand(ctx *components.Context, execute execCommandFunc)
 }
 
 func (epc *evidencePackageCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error {
-	// Check if sigstore-bundle is provided (currently not supported for package evidence)
 	if epc.ctx.GetStringFlagValue(sigstoreBundle) != "" {
 		return errorutils.CheckErrorf("--sigstore-bundle is currently not supported for package evidence. This feature may be supported in future releases.")
 	}

evidence/cli/command_release_bundle.go

@@ -21,7 +21,6 @@ func NewEvidenceReleaseBundleCommand(ctx *components.Context, execute execComman
 }
 
 func (erc *evidenceReleaseBundleCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error {
-	// Check if sigstore-bundle is provided (currently not supported for release bundle evidence)
 	if erc.ctx.GetStringFlagValue(sigstoreBundle) != "" {
 		return errorutils.CheckErrorf("--sigstore-bundle is currently not supported for release bundle evidence. This feature may be supported in future releases.")
 	}

evidence/create/create_custom.go

@@ -1,7 +1,8 @@
 package create
 
 import (
-	"os"
+	"encoding/json"
+	"github.com/sigstore/sigstore-go/pkg/bundle"
 	"strings"
 
 	"github.com/jfrog/jfrog-cli-artifactory/evidence"
@@ -68,34 +69,25 @@ func (c *createEvidenceCustom) Run() error {
 	return nil
 }
 
-// processSigstoreBundle reads and processes a Sigstore bundle, returning the envelope and subject
 func (c *createEvidenceCustom) processSigstoreBundle() ([]byte, error) {
-	// Read the Sigstore bundle file
-	bundle, err := os.ReadFile(c.sigstoreBundlePath)
+	sigstoreBundle, err := sigstore.ParseBundle(c.sigstoreBundlePath)
 	if err != nil {
 		return nil, errorutils.CheckErrorf("failed to read sigstore bundle: %s", err.Error())
 	}
 
-	// Only extract subject from bundle if current subject is empty
 	if c.subjectRepoPath == "" {
-		extractedSubject, err := c.extractSubjectFromBundle()
+
+		extractedSubject, err := c.extractSubjectFromBundle(sigstoreBundle)
 		if err != nil {
 			return nil, err
 		}
 		c.subjectRepoPath = extractedSubject
 	}
 
-	return bundle, nil
+	return json.Marshal(sigstoreBundle)
 }
 
-func (c *createEvidenceCustom) extractSubjectFromBundle() (string, error) {
-	// Parse the bundle first
-	bundle, err := sigstore.ParseBundle(c.sigstoreBundlePath)
-	if err != nil {
-		return "", err
-	}
-
-	// Extract subject from the parsed bundle
+func (c *createEvidenceCustom) extractSubjectFromBundle(bundle *bundle.Bundle) (string, error) {
 	repoPath, err := sigstore.ExtractSubjectFromBundle(bundle)
 	if err != nil {
 		return "", err
@@ -104,7 +96,6 @@ func (c *createEvidenceCustom) extractSubjectFromBundle() (string, error) {
 	return repoPath, nil
 }
 
-// createDSSEEnvelope creates a DSSE envelope from the provided predicate and subject information
 func (c *createEvidenceCustom) createDSSEEnvelope() ([]byte, error) {
 	envelope, err := c.createEnvelope(c.subjectRepoPath, c.subjectSha256)
 	if err != nil {

evidence/sigstore/bundle_parser.go

@@ -7,9 +7,7 @@ import (
 	"github.com/sigstore/sigstore-go/pkg/bundle"
 )
 
-// ParseBundle reads and validates a sigstore bundle file using sigstore-go
 func ParseBundle(bundlePath string) (*bundle.Bundle, error) {
-	// Use sigstore-go to load the bundle
 	b, err := bundle.LoadJSONFromPath(bundlePath)
 	if err != nil {
 		return nil, errorutils.CheckErrorf("failed to parse sigstore bundle: %s", err.Error())
@@ -18,18 +16,14 @@ func ParseBundle(bundlePath string) (*bundle.Bundle, error) {
 	return b, nil
 }
 
-// GetDSSEEnvelope extracts the DSSE envelope from the bundle using sigstore types
 func GetDSSEEnvelope(b *bundle.Bundle) (*protodsse.Envelope, error) {
-	// Get the protobuf bundle
 	pb := b.Bundle
 
-	// Check if bundle contains DSSE envelope
 	content := pb.GetContent()
 	if content == nil {
 		return nil, errorutils.CheckErrorf("bundle does not contain content")
 	}
 
-	// Extract DSSE envelope based on content type
 	switch c := content.(type) {
 	case *protobundle.Bundle_DsseEnvelope:
 		if c.DsseEnvelope == nil {

evidence/sigstore/subject_extractor.go

@@ -8,39 +8,31 @@ import (
 	"github.com/sigstore/sigstore-go/pkg/bundle"
 )
 
-// ExtractSubjectFromBundle extracts subject information from a parsed bundle
 func ExtractSubjectFromBundle(b *bundle.Bundle) (repoPath string, err error) {
-	// Get DSSE envelope
 	envelope, err := GetDSSEEnvelope(b)
 	if err != nil {
 		return "", err
 	}
 
-	// Extract subject from envelope
 	return extractSubjectFromEnvelope(envelope)
 }
 
-// extractSubjectFromEnvelope extracts subject information from a protobuf DSSE envelope
 func extractSubjectFromEnvelope(envelope *protodsse.Envelope) (repoPath string, err error) {
 	if envelope == nil {
 		return "", errorutils.CheckErrorf("envelope is nil")
 	}
 
-	// Parse the payload as In-toto statement
 	var statement map[string]interface{}
 	if err := json.Unmarshal(envelope.Payload, &statement); err != nil {
 		return "", errorutils.CheckErrorf("failed to parse statement from DSSE payload: %s", err.Error())
 	}
 
-	// Try to extract repo path from the statement
 	repoPath = extractRepoPathFromStatement(statement)
 
 	return repoPath, nil
 }
 
-// extractRepoPathFromStatement attempts to extract repo path from various fields in the statement
 func extractRepoPathFromStatement(statement map[string]interface{}) string {
-	// Try to get from subject name first
 	if subjects, ok := statement["subject"].([]interface{}); ok && len(subjects) > 0 {
 		if subject, ok := subjects[0].(map[string]interface{}); ok {
 			if name, ok := subject["name"].(string); ok && name != "" {
@@ -49,9 +41,7 @@ func extractRepoPathFromStatement(statement map[string]interface{}) string {
 		}
 	}
 
-	// Try to extract from predicate
 	if predicate, ok := statement["predicate"].(map[string]interface{}); ok {
-		// Check artifact field
 		if artifact, ok := predicate["artifact"].(map[string]interface{}); ok {
 			if path, ok := artifact["path"].(string); ok && path != "" {
 				return path
@@ -61,7 +51,6 @@ func extractRepoPathFromStatement(statement map[string]interface{}) string {
 			}
 		}
 
-		// Check subject field in predicate
 		if subject, ok := predicate["subject"].(map[string]interface{}); ok {
 			if path, ok := subject["path"].(string); ok && path != "" {
 				return path
@@ -71,7 +60,6 @@ func extractRepoPathFromStatement(statement map[string]interface{}) string {
 			}
 		}
 
-		// Check materials field (SLSA predicates)
 		if materials, ok := predicate["materials"].([]interface{}); ok && len(materials) > 0 {
 			if material, ok := materials[0].(map[string]interface{}); ok {
 				if uri, ok := material["uri"].(string); ok && uri != "" {