Rename slsa_types package to slsa (#194)

* Rename slsa_types dir to slsa

Signed-off-by: Adolfo Garcia Veytia (puerco) <[email protected]>

* Rename slsa_types refs -> slsa

This commit renames all references to the slsa_types package to the new slsa name

Signed-off-by: Adolfo Garcia Veytia (puerco) <[email protected]>

---------

Signed-off-by: Adolfo Garcia Veytia (puerco) <[email protected]>

Author: puerco

sourcetool/pkg/attest/provenance.go

@@ -16,7 +16,7 @@ import (
 	"google.golang.org/protobuf/types/known/structpb"
 
 	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/ghcontrol"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 )
 
 const SourceProvPredicateType = "https://github.com/slsa-framework/slsa-source-poc/source-provenance/v1-draft"
@@ -35,13 +35,13 @@ type SourceProvenancePred struct {
 	// TODO: get the author of the PR (if this was from a PR).
 
 	// The controls enabled at the time this commit was pushed.
-	Controls slsa_types.Controls `json:"controls"`
+	Controls slsa.Controls `json:"controls"`
 }
 
 // Summary of a summary
 type VsaSummary struct {
-	SourceRefs     []string                 `json:"source_refs"`
-	VerifiedLevels []slsa_types.ControlName `json:"verifiedLevels"`
+	SourceRefs     []string           `json:"source_refs"`
+	VerifiedLevels []slsa.ControlName `json:"verifiedLevels"`
 }
 
 type TagProvenancePred struct {
@@ -50,8 +50,8 @@ type TagProvenancePred struct {
 	Tag       string    `json:"tag"`
 	CreatedOn time.Time `json:"created_on"`
 	// The tag related controls enabled at the time this tag was created/updated.
-	Controls     slsa_types.Controls `json:"controls"`
-	VsaSummaries []VsaSummary        `json:"vsa_summaries"`
+	Controls     slsa.Controls `json:"controls"`
+	VsaSummaries []VsaSummary  `json:"vsa_summaries"`
 }
 
 type ProvenanceAttestor struct {
@@ -163,7 +163,7 @@ func (pa ProvenanceAttestor) createCurrentProvenance(ctx context.Context, commit
 	curProvPred.Controls = controlStatus.Controls
 
 	// At the very least provenance is available starting now. :)
-	curProvPred.Controls.AddControl(&slsa_types.Control{Name: slsa_types.ProvenanceAvailable, Since: curTime})
+	curProvPred.Controls.AddControl(&slsa.Control{Name: slsa.ProvenanceAvailable, Since: curTime})
 
 	return addPredToStatement(&curProvPred, SourceProvPredicateType, commit)
 }
@@ -265,7 +265,7 @@ func (pa ProvenanceAttestor) CreateSourceProvenance(ctx context.Context, prevAtt
 		if prevControl == nil {
 			continue
 		}
-		curControl.Since = slsa_types.EarlierTime(curControl.Since, prevControl.Since)
+		curControl.Since = slsa.EarlierTime(curControl.Since, prevControl.Since)
 		// Update the value.
 		curProvPred.Controls[i] = curControl
 	}
@@ -311,7 +311,7 @@ func (pa ProvenanceAttestor) CreateTagProvenance(ctx context.Context, commit, re
 		VsaSummaries: []VsaSummary{
 			{
 				SourceRefs:     vsaRefs,
-				VerifiedLevels: slsa_types.StringsToControlNames(vsaPred.VerifiedLevels),
+				VerifiedLevels: slsa.StringsToControlNames(vsaPred.VerifiedLevels),
 			},
 		},
 	}

sourcetool/pkg/attest/provenance_test.go

@@ -9,7 +9,7 @@ import (
 	"github.com/google/go-github/v69/github"
 	"github.com/migueleliasweb/go-github-mock/src/mock"
 	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/ghcontrol"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/testsupport"
 )
 
@@ -31,7 +31,7 @@ func conditionsForTagImmutability() *github.RepositoryRulesetConditions {
 	}
 }
 
-func createTestVsa(t *testing.T, repoUri, ref, commit string, verifiedLevels slsa_types.SourceVerifiedLevels) string {
+func createTestVsa(t *testing.T, repoUri, ref, commit string, verifiedLevels slsa.SourceVerifiedLevels) string {
 	vsa, err := CreateUnsignedSourceVsa(repoUri, ref, commit, verifiedLevels, "test-policy")
 	if err != nil {
 		t.Fatalf("failure creating test vsa: %v", err)
@@ -121,7 +121,7 @@ func assertTagProvPredsEqual(t *testing.T, actual, expected TagProvenancePred) {
 }
 
 func TestCreateTagProvenance(t *testing.T) {
-	testVsa := createTestVsa(t, "http://repo", "refs/some/ref", "abc123", slsa_types.SourceVerifiedLevels{"TEST_LEVEL"})
+	testVsa := createTestVsa(t, "http://repo", "refs/some/ref", "abc123", slsa.SourceVerifiedLevels{"TEST_LEVEL"})
 
 	ghc := newTestGhConnection("owner", "repo", "branch",
 		newTagHygieneRulesetsResponse(123, github.RulesetTargetTag,
@@ -158,7 +158,7 @@ func TestCreateTagProvenance(t *testing.T) {
 		Actor:     "the-tag-pusher",
 		Tag:       "refs/tags/v1",
 		CreatedOn: rulesetOldTime,
-		Controls: []slsa_types.Control{
+		Controls: []slsa.Control{
 			{
 				Name:  "TAG_HYGIENE",
 				Since: rulesetOldTime,
@@ -167,7 +167,7 @@ func TestCreateTagProvenance(t *testing.T) {
 		VsaSummaries: []VsaSummary{
 			{
 				SourceRefs:     []string{"refs/some/ref"},
-				VerifiedLevels: []slsa_types.ControlName{"TEST_LEVEL"},
+				VerifiedLevels: []slsa.ControlName{"TEST_LEVEL"},
 			},
 		},
 	}

sourcetool/pkg/attest/statement.go

@@ -7,7 +7,7 @@ import (
 	"log"
 
 	spb "github.com/in-toto/attestation/go/v1"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 	"google.golang.org/protobuf/encoding/protojson"
 )
 
@@ -22,7 +22,7 @@ func NewBundleReader(reader *bufio.Reader, verifier Verifier) *BundleReader {
 
 func (br BundleReader) convertLineToStatement(line string) (*spb.Statement, error) {
 	// Is this a sigstore bundle with a statement?
-		vr, err := br.verifier.Verify(line)
+	vr, err := br.verifier.Verify(line)
 	if err == nil {
 		// This is it.
 		return vr.Statement, nil
@@ -43,11 +43,11 @@ func GetSourceRefsForCommit(vsaStatement *spb.Statement, commit string) ([]strin
 		return []string{}, fmt.Errorf("statement \n%v\n does not match commit %s", StatementToString(vsaStatement), commit)
 	}
 	annotations := subject.GetAnnotations()
-	sourceRefs, ok := annotations.Fields[slsa_types.SourceRefsAnnotation]
+	sourceRefs, ok := annotations.Fields[slsa.SourceRefsAnnotation]
 	if !ok {
 		// This used to be called 'source_branches', maybe this is an old VSA.
 		// TODO: remove once we're not worried about backward compatibility.
-		sourceRefs, ok = annotations.Fields[slsa_types.SourceBranchesAnnotation]
+		sourceRefs, ok = annotations.Fields[slsa.SourceBranchesAnnotation]
 		if !ok {
 			return []string{}, fmt.Errorf("no source_refs or source_branches annotation in VSA subject")
 		}

sourcetool/pkg/attest/vsa.go

@@ -10,15 +10,15 @@ import (
 	vpb "github.com/in-toto/attestation/go/predicates/vsa/v1"
 	spb "github.com/in-toto/attestation/go/v1"
 	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/ghcontrol"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 	"google.golang.org/protobuf/encoding/protojson"
 	"google.golang.org/protobuf/types/known/structpb"
 	"google.golang.org/protobuf/types/known/timestamppb"
 )
 
 const VsaPredicateType = "https://slsa.dev/verification_summary/v1"
 
-func CreateUnsignedSourceVsa(repoUri, ref, commit string, verifiedLevels slsa_types.SourceVerifiedLevels, policy string) (string, error) {
+func CreateUnsignedSourceVsa(repoUri, ref, commit string, verifiedLevels slsa.SourceVerifiedLevels, policy string) (string, error) {
 	resourceUri := fmt.Sprintf("git+%s", repoUri)
 	vsaPred := &vpb.VerificationSummary{
 		Verifier: &vpb.VerificationSummary_Verifier{
@@ -27,15 +27,15 @@ func CreateUnsignedSourceVsa(repoUri, ref, commit string, verifiedLevels slsa_ty
 		ResourceUri:        resourceUri,
 		Policy:             &vpb.VerificationSummary_Policy{Uri: policy},
 		VerificationResult: "PASSED",
-		VerifiedLevels:     slsa_types.ControlNamesToStrings(verifiedLevels),
+		VerifiedLevels:     slsa.ControlNamesToStrings(verifiedLevels),
 	}
 
 	predJson, err := protojson.Marshal(vsaPred)
 	if err != nil {
 		return "", err
 	}
 
-	branchAnnotation := map[string]any{slsa_types.SourceRefsAnnotation: []any{ref}}
+	branchAnnotation := map[string]any{slsa.SourceRefsAnnotation: []any{ref}}
 	annotationStruct, err := structpb.NewStruct(branchAnnotation)
 	if err != nil {
 		return "", fmt.Errorf("creating struct from map: %w", err)

sourcetool/pkg/ghcontrol/checklevel.go

@@ -8,7 +8,7 @@ import (
 	"time"
 
 	"github.com/google/go-github/v69/github"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 )
 
 type actor struct {
@@ -69,7 +69,7 @@ type GhControlStatus struct {
 	ActivityType string
 	// The controls that are enabled according to the GitHub API.
 	// May not include other controls like if we have provenance.
-	Controls slsa_types.Controls
+	Controls slsa.Controls
 }
 
 func (ghc *GitHubConnection) ruleMeetsRequiresReview(rule *github.PullRequestBranchRule) bool {
@@ -80,7 +80,7 @@ func (ghc *GitHubConnection) ruleMeetsRequiresReview(rule *github.PullRequestBra
 }
 
 // Computes the continuity control returning nil if it's not enabled.
-func (ghc *GitHubConnection) computeContinuityControl(ctx context.Context, commit string, rules *github.BranchRules, activity *activity) (*slsa_types.Control, error) {
+func (ghc *GitHubConnection) computeContinuityControl(ctx context.Context, commit string, rules *github.BranchRules, activity *activity) (*slsa.Control, error) {
 	oldestDeletion, err := ghc.getOldestActiveRule(ctx, rules.Deletion)
 	if err != nil {
 		return nil, err
@@ -107,7 +107,7 @@ func (ghc *GitHubConnection) computeContinuityControl(ctx context.Context, commi
 		return nil, fmt.Errorf("commit %s created before (%v) the rule was enabled (%v), that shouldn't happen", commit, activity.Timestamp, newestRule.UpdatedAt.Time)
 	}
 
-	return &slsa_types.Control{Name: slsa_types.ContinuityEnforced, Since: newestRule.UpdatedAt.Time}, nil
+	return &slsa.Control{Name: slsa.ContinuityEnforced, Since: newestRule.UpdatedAt.Time}, nil
 }
 
 func enforcesTagHygiene(ruleset *github.RepositoryRuleset) bool {
@@ -123,7 +123,7 @@ func enforcesTagHygiene(ruleset *github.RepositoryRuleset) bool {
 	return false
 }
 
-func (ghc *GitHubConnection) computeTagHygieneControl(ctx context.Context, commit string, allRulesets []*github.RepositoryRuleset, activityTime *time.Time) (*slsa_types.Control, error) {
+func (ghc *GitHubConnection) computeTagHygieneControl(ctx context.Context, commit string, allRulesets []*github.RepositoryRuleset, activityTime *time.Time) (*slsa.Control, error) {
 	var validRuleset *github.RepositoryRuleset
 	for _, ruleset := range allRulesets {
 		if *ruleset.Target != github.RulesetTargetTag {
@@ -158,11 +158,11 @@ func (ghc *GitHubConnection) computeTagHygieneControl(ctx context.Context, commi
 		return nil, nil
 	}
 
-	return &slsa_types.Control{Name: slsa_types.TagHygiene, Since: validRuleset.UpdatedAt.Time}, nil
+	return &slsa.Control{Name: slsa.TagHygiene, Since: validRuleset.UpdatedAt.Time}, nil
 }
 
 // Computes the review control returning nil if it's not enabled.
-func (ghc *GitHubConnection) computeReviewControl(ctx context.Context, rules []*github.PullRequestBranchRule) (*slsa_types.Control, error) {
+func (ghc *GitHubConnection) computeReviewControl(ctx context.Context, rules []*github.PullRequestBranchRule) (*slsa.Control, error) {
 	var oldestActive *github.RepositoryRuleset
 	for _, rule := range rules {
 		if ghc.ruleMeetsRequiresReview(rule) {
@@ -179,16 +179,16 @@ func (ghc *GitHubConnection) computeReviewControl(ctx context.Context, rules []*
 	}
 
 	if oldestActive != nil {
-		return &slsa_types.Control{Name: slsa_types.ReviewEnforced, Since: oldestActive.UpdatedAt.Time}, nil
+		return &slsa.Control{Name: slsa.ReviewEnforced, Since: oldestActive.UpdatedAt.Time}, nil
 	}
 
 	return nil, nil
 }
 
-func (ghc *GitHubConnection) computeRequiredChecks(ctx context.Context, ghCheckRules []*github.RequiredStatusChecksBranchRule) ([]*slsa_types.Control, error) {
+func (ghc *GitHubConnection) computeRequiredChecks(ctx context.Context, ghCheckRules []*github.RequiredStatusChecksBranchRule) ([]*slsa.Control, error) {
 	// Only return the checks we're happy about.
 	// For now that's only stuff from the GitHub Actions app.
-	requiredChecks := []*slsa_types.Control{}
+	requiredChecks := []*slsa.Control{}
 	for _, ghCheckRule := range ghCheckRules {
 		ruleset, _, err := ghc.Client().Repositories.GetRuleset(ctx, ghc.Owner(), ghc.Repo(), ghCheckRule.RulesetID, false)
 		if err != nil {
@@ -204,7 +204,7 @@ func (ghc *GitHubConnection) computeRequiredChecks(ctx context.Context, ghCheckR
 				// Ignore untrusted integration id.
 				continue
 			}
-			requiredChecks = append(requiredChecks, &slsa_types.Control{
+			requiredChecks = append(requiredChecks, &slsa.Control{
 				Name:  CheckNameToControlName(check.Context),
 				Since: ruleset.UpdatedAt.Time,
 			})
@@ -242,7 +242,7 @@ func (ghc *GitHubConnection) GetBranchControls(ctx context.Context, commit, ref
 		CommitPushTime: activity.Timestamp,
 		ActivityType:   activity.ActivityType,
 		ActorLogin:     activity.Actor.Login,
-		Controls:       slsa_types.Controls{}}
+		Controls:       slsa.Controls{}}
 
 	branch := GetBranchFromRef(ref)
 	if branch == "" {
@@ -289,7 +289,7 @@ func (ghc *GitHubConnection) GetBranchControls(ctx context.Context, commit, ref
 func (ghc *GitHubConnection) GetTagControls(ctx context.Context, commit, ref string) (*GhControlStatus, error) {
 	controlStatus := GhControlStatus{
 		CommitPushTime: time.Now(),
-		Controls:       slsa_types.Controls{}}
+		Controls:       slsa.Controls{}}
 
 	allRulesets, _, err := ghc.Client().Repositories.GetAllRulesets(ctx, ghc.Owner(), ghc.Repo(), true)
 	if err != nil {

sourcetool/pkg/ghcontrol/checklevel_test.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/google/go-github/v69/github"
 	"github.com/migueleliasweb/go-github-mock/src/mock"
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 )
 
 var curTime = time.Unix(1678886400, 0) // March 15, 2023 00:00:00 UTC
@@ -229,22 +229,22 @@ func TestBuiltinBranchControls(t *testing.T) {
 	tests := []struct {
 		branchRules     []branchRuleRawResponse
 		rulesetRules    *github.RepositoryRulesetRules
-		expectedControl slsa_types.ControlName
+		expectedControl slsa.ControlName
 	}{
 		{
 			branchRules:     createContinuityBranchRules(),
 			rulesetRules:    rulesForBranchContinuity(),
-			expectedControl: slsa_types.ContinuityEnforced,
+			expectedControl: slsa.ContinuityEnforced,
 		},
 		{
 			branchRules:     createReviewBranchRules(),
 			rulesetRules:    rulesForReviewEnforced(),
-			expectedControl: slsa_types.ReviewEnforced,
+			expectedControl: slsa.ReviewEnforced,
 		},
 		{
 			branchRules:     createTagHygieneRules(),
 			rulesetRules:    rulesForTagHygiene(),
-			expectedControl: slsa_types.TagHygiene,
+			expectedControl: slsa.TagHygiene,
 		},
 	}
 	for _, tt := range tests {
@@ -275,21 +275,21 @@ func TestGetBranchControlsRequiredChecks(t *testing.T) {
 	tests := []struct {
 		name                 string
 		checks               []branchRuleRawResponse
-		expectedControlNames []slsa_types.ControlName
+		expectedControlNames []slsa.ControlName
 	}{
 		{
 			name: "check with invalid id",
 			checks: createRequiredChecksRules([]*github.RuleStatusCheck{
 				{Context: "check-bad", IntegrationID: github.Ptr(int64(1))},
 			}),
-			expectedControlNames: []slsa_types.ControlName{},
+			expectedControlNames: []slsa.ControlName{},
 		},
 		{
 			name: "check using Github Actions",
 			checks: createRequiredChecksRules([]*github.RuleStatusCheck{
 				{Context: "check-good", IntegrationID: github.Ptr(int64(15368))},
 			}),
-			expectedControlNames: []slsa_types.ControlName{"GH_REQUIRED_CHECK_check-good"},
+			expectedControlNames: []slsa.ControlName{"GH_REQUIRED_CHECK_check-good"},
 		},
 	}
 	for _, tt := range tests {
@@ -306,7 +306,7 @@ func TestGetBranchControlsRequiredChecks(t *testing.T) {
 				t.Fatalf("Error getting branch controls: %v", err)
 			}
 
-			controlNames := []slsa_types.ControlName{}
+			controlNames := []slsa.ControlName{}
 			for _, control := range controlStatus.Controls {
 				controlNames = append(controlNames, control.Name)
 				if !control.Since.Equal(priorTime) {

sourcetool/pkg/ghcontrol/git_types.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa_types"
+	"github.com/slsa-framework/slsa-source-poc/sourcetool/pkg/slsa"
 )
 
 // Matches any reference type.
@@ -28,6 +28,6 @@ func GetTagFromRef(ref string) string {
 	return strings.TrimPrefix(ref, "refs/tags/")
 }
 
-func CheckNameToControlName(checkName string) slsa_types.ControlName {
-	return slsa_types.ControlName(fmt.Sprintf("GH_REQUIRED_CHECK_%s", checkName))
+func CheckNameToControlName(checkName string) slsa.ControlName {
+	return slsa.ControlName(fmt.Sprintf("GH_REQUIRED_CHECK_%s", checkName))
 }