func GetVerifiedEnvelopes()

in pkg/provenance/envelopes.go [34:64]


func GetVerifiedEnvelopes(ctx context.Context, resourceURI string) ([]*Envelope, error) {
	atts, err := container.VerifyAndGetAttestations(ctx, resourceURI)
	if err != nil {
		return nil, errors.Wrap(err, "error getting verified envelopes")
	}

	envs := []*Envelope{}
	for _, att := range atts {
		env, err := dsse.AttestationToEnvelope(att)
		if err != nil {
			return nil, errors.Wrap(err, "error getting verified envelopes")
		}

		decodedEnv, err := dsse.GetDecodedEnvelope(env)
		if err != nil {
			return nil, errors.Wrap(err, "error decoding verified envelopes")
		}

		// Check in-toto version and slsa predicate type
		penv, err := getEnvelope(decodedEnv)
		if err != nil {
			return nil, errors.Wrap(err, "error decoding verified envelopes")
		}

		log.Debug().Msgf("In-Toto Type (%s), PredicateType (%s)", penv.IntotoType, penv.IntotoPredicateType)

		envs = append(envs, penv)
	}

	return envs, nil
}