only make the vsa available. having it in the output isnt necessary now

enterprise-contract · Nov 6, 2023 · 07d97c6 · 07d97c6
1 parent 49b0bc6
commit 07d97c6
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 17 deletions.
diff --git a/internal/image/validate.go b/internal/image/validate.go
@@ -118,9 +118,6 @@ func ValidateImage(ctx context.Context, comp app.SnapshotComponent, p policy.Pol
 		}
 		allResults = append(allResults, results...)
 		out.Data = append(out.Data, data)
-		out.Vsa = append(out.Vsa,
-			attestation.VsaFromImageValidation(time.Now().String(), results, e.GetPolicySources(), p, a.Attestations()),
-		)
 	}
 
 	out.PolicyInput = inputJSON

diff --git a/internal/output/output.go b/internal/output/output.go
@@ -75,20 +75,19 @@ func (v VerificationStatus) addToSuccesses(successes []evaluator.Result) []evalu
 
 // Output is a struct representing checks and exit code.
 type Output struct {
-	ImageAccessibleCheck      VerificationStatus                   `json:"imageAccessibleCheck"`
-	ImageSignatureCheck       VerificationStatus                   `json:"imageSignatureCheck"`
-	AttestationSignatureCheck VerificationStatus                   `json:"attestationSignatureCheck"`
-	AttestationSyntaxCheck    VerificationStatus                   `json:"attestationSyntaxCheck"`
-	PolicyCheck               []evaluator.Outcome                  `json:"policyCheck"`
-	ExitCode                  int                                  `json:"-"`
-	Signatures                []signature.EntitySignature          `json:"signatures,omitempty"`
-	Attestations              []attestation.Attestation            `json:"attestations,omitempty"`
-	ImageURL                  string                               `json:"-"`
-	Detailed                  bool                                 `json:"-"`
-	Data                      []evaluator.Data                     `json:"-"`
-	Policy                    policy.Policy                        `json:"-"`
-	PolicyInput               []byte                               `json:"-"`
-	Vsa                       []attestation.ProvenanceStatementVSA `json:"vsa"`
+	ImageAccessibleCheck      VerificationStatus          `json:"imageAccessibleCheck"`
+	ImageSignatureCheck       VerificationStatus          `json:"imageSignatureCheck"`
+	AttestationSignatureCheck VerificationStatus          `json:"attestationSignatureCheck"`
+	AttestationSyntaxCheck    VerificationStatus          `json:"attestationSyntaxCheck"`
+	PolicyCheck               []evaluator.Outcome         `json:"policyCheck"`
+	ExitCode                  int                         `json:"-"`
+	Signatures                []signature.EntitySignature `json:"signatures,omitempty"`
+	Attestations              []attestation.Attestation   `json:"attestations,omitempty"`
+	ImageURL                  string                      `json:"-"`
+	Detailed                  bool                        `json:"-"`
+	Data                      []evaluator.Data            `json:"-"`
+	Policy                    policy.Policy               `json:"-"`
+	PolicyInput               []byte                      `json:"-"`
 }
 
 // SetImageAccessibleCheck sets the passed and result.message fields of the ImageAccessibleCheck to the given values.