inspect: parse sbom and provenance into json structs

Signed-off-by: Justin Chadwell <me@jedevc.com>
2025-11-01 00:23:56 +08:00 · 2023-01-09 18:09:43 +00:00
parent 19d16aa941
commit e68c566c1c
2 changed files with 49 additions and 37 deletions
--- a/util/imagetools/loader.go
+++ b/util/imagetools/loader.go
@@ -46,9 +46,9 @@ type index struct {
 }

 type asset struct {
-	config *ocispec.Image
-	sbom   *sbomStub
-	slsa   *slsaStub
+	config     *ocispec.Image
+	sbom       *sbomStub
+	provenance *provenanceStub
 }

 type result struct {
@@ -255,7 +255,7 @@ func (l *loader) scanConfig(ctx context.Context, fetcher remotes.Fetcher, desc o
 }

 type sbomStub struct {
-	SPDX json.RawMessage `json:",omitempty"`
+	SPDX interface{} `json:",omitempty"`
 }

 func (l *loader) scanSBOM(ctx context.Context, fetcher remotes.Fetcher, r *result, refs []digest.Digest, as *asset) error {
@@ -275,8 +275,14 @@ func (l *loader) scanSBOM(ctx context.Context, fetcher remotes.Fetcher, r *resul
 				if err != nil {
 					return err
 				}
+				var spdx struct {
+					Predicate interface{} `json:"predicate"`
+				}
+				if err := json.Unmarshal(dt, &spdx); err != nil {
+					return err
+				}
 				as.sbom = &sbomStub{
-					SPDX: dt,
+					SPDX: spdx.Predicate,
 				}
 				break
 			}
@@ -285,8 +291,8 @@ func (l *loader) scanSBOM(ctx context.Context, fetcher remotes.Fetcher, r *resul
 	return nil
 }

-type slsaStub struct {
-	Provenance json.RawMessage `json:",omitempty"`
+type provenanceStub struct {
+	SLSA interface{} `json:",omitempty"`
 }

 func (l *loader) scanProvenance(ctx context.Context, fetcher remotes.Fetcher, r *result, refs []digest.Digest, as *asset) error {
@@ -306,8 +312,14 @@ func (l *loader) scanProvenance(ctx context.Context, fetcher remotes.Fetcher, r
 				if err != nil {
 					return err
 				}
-				as.slsa = &slsaStub{
-					Provenance: dt,
+				var slsa struct {
+					Predicate interface{} `json:"predicate"`
+				}
+				if err := json.Unmarshal(dt, &slsa); err != nil {
+					return err
+				}
+				as.provenance = &provenanceStub{
+					SLSA: slsa.Predicate,
 				}
 				break
 			}
@@ -330,16 +342,16 @@ func (r *result) Configs() map[string]*ocispec.Image {
 	return res
 }

-func (r *result) SLSA() map[string]slsaStub {
+func (r *result) Provenance() map[string]provenanceStub {
 	if len(r.assets) == 0 {
 		return nil
 	}
-	res := make(map[string]slsaStub)
+	res := make(map[string]provenanceStub)
 	for p, a := range r.assets {
-		if a.slsa == nil {
+		if a.provenance == nil {
 			continue
 		}
-		res[p] = *a.slsa
+		res[p] = *a.provenance
 	}
 	return res
 }
--- a/util/imagetools/printers.go
+++ b/util/imagetools/printers.go
@@ -99,7 +99,7 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 	}

 	imageconfigs := res.Configs()
-	slsas := res.SLSA()
+	provenances := res.Provenance()
 	sboms := res.SBOM()
 	format := tpl.Root.String()

@@ -143,43 +143,43 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 	default:
 		if len(res.platforms) > 1 {
 			return tpl.Execute(out, struct {
-				Name     string                     `json:"name,omitempty"`
-				Manifest interface{}                `json:"manifest,omitempty"`
-				Image    map[string]*ocispecs.Image `json:"image,omitempty"`
-				SLSA     map[string]slsaStub        `json:"SLSA,omitempty"`
-				SBOM     map[string]sbomStub        `json:"SBOM,omitempty"`
+				Name       string                     `json:"name,omitempty"`
+				Manifest   interface{}                `json:"manifest,omitempty"`
+				Image      map[string]*ocispecs.Image `json:"image,omitempty"`
+				Provenance map[string]provenanceStub  `json:"Provenance,omitempty"`
+				SBOM       map[string]sbomStub        `json:"SBOM,omitempty"`
 			}{
-				Name:     p.name,
-				Manifest: mfst,
-				Image:    imageconfigs,
-				SLSA:     slsas,
-				SBOM:     sboms,
+				Name:       p.name,
+				Manifest:   mfst,
+				Image:      imageconfigs,
+				Provenance: provenances,
+				SBOM:       sboms,
 			})
 		}
 		var ic *ocispecs.Image
 		for _, v := range imageconfigs {
 			ic = v
 		}
-		var slsa slsaStub
-		for _, v := range slsas {
-			slsa = v
+		var provenance provenanceStub
+		for _, v := range provenances {
+			provenance = v
 		}
 		var sbom sbomStub
 		for _, v := range sboms {
 			sbom = v
 		}
 		return tpl.Execute(out, struct {
-			Name     string          `json:"name,omitempty"`
-			Manifest interface{}     `json:"manifest,omitempty"`
-			Image    *ocispecs.Image `json:"image,omitempty"`
-			SLSA     slsaStub        `json:"SLSA,omitempty"`
-			SBOM     sbomStub        `json:"SBOM,omitempty"`
+			Name       string          `json:"name,omitempty"`
+			Manifest   interface{}     `json:"manifest,omitempty"`
+			Image      *ocispecs.Image `json:"image,omitempty"`
+			Provenance provenanceStub  `json:"Provenance,omitempty"`
+			SBOM       sbomStub        `json:"SBOM,omitempty"`
 		}{
-			Name:     p.name,
-			Manifest: mfst,
-			Image:    ic,
-			SLSA:     slsa,
-			SBOM:     sbom,
+			Name:       p.name,
+			Manifest:   mfst,
+			Image:      ic,
+			Provenance: provenance,
+			SBOM:       sbom,
 		})
 	}