Change Invocation Environment and Parameters type

According to the SLSA specification, these are [JSON objects](https://slsa.dev/provenance/v0.1). This commit changes their type from raw json to the more correct `map[string]interface{}`. Signed-off-by: Pieter Lexis <[email protected]>
philips-labs · Dec 9, 2021 · 50f8f05 · 50f8f05
1 parent 7ca7318
commit 50f8f05
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 9 deletions.
diff --git a/lib/github/github.go b/lib/github/github.go
@@ -83,5 +83,5 @@ type RunnerContext struct {
 // The only Event with dynamically-provided input is workflow_dispatch which
 // exposes the user params at the key "input."
 type AnyEvent struct {
-	Inputs json.RawMessage `json:"inputs"`
+	Inputs map[string]interface{} `json:"inputs"`
 }
diff --git a/lib/intoto/intoto.go b/lib/intoto/intoto.go
@@ -2,7 +2,6 @@ package intoto
 
 import (
 	"context"
-	"encoding/json"
 	"time"
 )
 
@@ -72,7 +71,7 @@ func WithMetadata(buildInvocationID string) StatementOption {
 }
 
 // WithInvocation sets the Predicate Invocation and Materials
-func WithInvocation(buildType, entryPoint string, environment json.RawMessage, parameters json.RawMessage, materials []Item) StatementOption {
+func WithInvocation(buildType, entryPoint string, environment map[string]interface{}, parameters map[string]interface{}, materials []Item) StatementOption {
 	return func(s *Statement) {
 		s.Predicate.BuildType = buildType
 		s.Predicate.Invocation = Invocation{
@@ -144,9 +143,9 @@ type Metadata struct {
 
 // Invocation Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
 type Invocation struct {
-	ConfigSource ConfigSource    `json:"configSource"`
-	Parameters   json.RawMessage `json:"parameters"`
-	Environment  json.RawMessage `json:"environment"`
+	ConfigSource ConfigSource           `json:"configSource"`
+	Parameters   map[string]interface{} `json:"parameters"`
+	Environment  map[string]interface{} `json:"environment"`
 }
 
 // ConfigSource Describes where the config file that kicked off the build came from.

diff --git a/lib/intoto/intoto_test.go b/lib/intoto/intoto_test.go
@@ -144,13 +144,16 @@ func TestSLSAProvenanceStatementJSON(t *testing.T) {
 	var stmt Statement
 	err = json.Unmarshal([]byte(jsonStatement), &stmt)
 	assert.NoError(err)
-	assertStatement(assert, &stmt, builderID, buildType, material, []byte(parametersJSON))
+	var params map[string]interface{}
+	err = json.Unmarshal([]byte(parametersJSON), &params)
+	assert.NoError(err)
+	assertStatement(assert, &stmt, builderID, buildType, material, params)
 
 	newStmt := SLSAProvenanceStatement(
 		WithSubject([]Subject{{Name: "salsa.txt", Digest: DigestSet{"sha256": "f8161d035cdf328c7bb124fce192cb90b603f34ca78d73e33b736b4f6bddf993"}}}),
 		WithBuilder(builderID),
 		WithMetadata("https://github.com/philips-labs/slsa-provenance-action/actions/runs/1303916967"),
-		WithInvocation(buildType, "ci.yaml:build", nil, []byte(parametersJSON), material),
+		WithInvocation(buildType, "ci.yaml:build", nil, params, material),
 	)
 
 	newStmtJSON, err := json.MarshalIndent(newStmt, "", "\t")
@@ -159,7 +162,7 @@ func TestSLSAProvenanceStatementJSON(t *testing.T) {
 	assert.Equal(jsonStatement, string(newStmtJSON))
 }
 
-func assertStatement(assert *assert.Assertions, stmt *Statement, builderID, buildType string, material []Item, parameters json.RawMessage) {
+func assertStatement(assert *assert.Assertions, stmt *Statement, builderID, buildType string, material []Item, parameters map[string]interface{}) {
 	i := stmt.Predicate.Invocation
 	assert.Equal(SlsaPredicateType, stmt.PredicateType)
 	assert.Equal(StatementType, stmt.Type)