in pkg/provenance/envelopes.go [34:64]
func GetVerifiedEnvelopes(ctx context.Context, resourceURI string) ([]*Envelope, error) {
atts, err := container.VerifyAndGetAttestations(ctx, resourceURI)
if err != nil {
return nil, errors.Wrap(err, "error getting verified envelopes")
}
envs := []*Envelope{}
for _, att := range atts {
env, err := dsse.AttestationToEnvelope(att)
if err != nil {
return nil, errors.Wrap(err, "error getting verified envelopes")
}
decodedEnv, err := dsse.GetDecodedEnvelope(env)
if err != nil {
return nil, errors.Wrap(err, "error decoding verified envelopes")
}
// Check in-toto version and slsa predicate type
penv, err := getEnvelope(decodedEnv)
if err != nil {
return nil, errors.Wrap(err, "error decoding verified envelopes")
}
log.Debug().Msgf("In-Toto Type (%s), PredicateType (%s)", penv.IntotoType, penv.IntotoPredicateType)
envs = append(envs, penv)
}
return envs, nil
}