Use URLs for the predicate types

Signed-off-by: Facundo Tuesca <[email protected]>
sigstore · Sep 13, 2024 · 4ca5073 · 4ca5073
1 parent f580fbe
commit 4ca5073
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 13 deletions.
diff --git a/Makefile b/Makefile
@@ -135,7 +135,7 @@ check-readme:
 	    $(MAKE) -s run ARGS="sign --help" \
 	  )
 
-    # sigstore attest --help
+	# sigstore attest --help
 	@diff \
 	  <( \
 	    awk '/@begin-sigstore-attest-help@/{f=1;next} /@end-sigstore-attest-help@/{f=0} f' \

diff --git a/README.md b/README.md
@@ -180,6 +180,7 @@ Output options:
 ```
 <!-- @end-sigstore-sign-help@ -->
 
+
 ### Signing with DSSE envelopes
 
 <!-- @begin-sigstore-attest-help@ -->
@@ -205,7 +206,8 @@ DSSE options:
   --predicate FILE      Path to the predicate file (default: None)
   --predicate-type TYPE
                         Specify a predicate type
-                        (slsaprovenance0_2|slsaprovenance1_0) (default: None)
+                        (https://slsa.dev/provenance/v0.2,
+                        https://slsa.dev/provenance/v1) (default: None)
 
 OpenID Connect options:
   --identity-token TOKEN

diff --git a/sigstore/_cli.py b/sigstore/_cli.py
@@ -39,7 +39,7 @@
 from sigstore._utils import sha256_digest
 from sigstore.dsse import StatementBuilder, Subject
 from sigstore.dsse._predicate import (
-    PREDICATE_TYPES_CLI_MAP,
+    SUPPORTED_PREDICATE_TYPES,
     Predicate,
     PREDICATE_TYPE_SLSA_v0_2,
     PREDICATE_TYPE_SLSA_v1_0,
@@ -264,10 +264,10 @@ def _parser() -> argparse.ArgumentParser:
     dsse_options.add_argument(
         "--predicate-type",
         metavar="TYPE",
-        choices=PREDICATE_TYPES_CLI_MAP,
+        choices=SUPPORTED_PREDICATE_TYPES,
         type=str,
         required=True,
-        help=f"Specify a predicate type ({'|'.join(PREDICATE_TYPES_CLI_MAP)})",
+        help=f"Specify a predicate type ({', '.join(SUPPORTED_PREDICATE_TYPES)})",
     )
 
     oidc_options = attest.add_argument_group("OpenID Connect options")
@@ -797,15 +797,14 @@ def _attest(args: argparse.Namespace) -> None:
 
     try:
         with open(predicate_path, "r") as f:
-            predicate_type = PREDICATE_TYPES_CLI_MAP[args.predicate_type]
-            if predicate_type == PREDICATE_TYPE_SLSA_v0_2:
+            if args.predicate_type == PREDICATE_TYPE_SLSA_v0_2:
                 predicate: Predicate = SLSAPredicateV0_2.model_validate_json(f.read())
-            elif predicate_type == PREDICATE_TYPE_SLSA_v1_0:
+            elif args.predicate_type == PREDICATE_TYPE_SLSA_v1_0:
                 predicate = SLSAPredicateV1_0.model_validate_json(f.read())
             else:
                 _invalid_arguments(
                     args,
-                    f'Unsupported predicate type "{args.predicate_type}". Predicate type must be one of: {PREDICATE_TYPES_CLI_MAP}',
+                    f'Unsupported predicate type "{args.predicate_type}". Predicate type must be one of: {SUPPORTED_PREDICATE_TYPES}',
                 )
     except ValidationError as e:
         _invalid_arguments(

diff --git a/sigstore/dsse/_predicate.py b/sigstore/dsse/_predicate.py
@@ -32,10 +32,7 @@
 PREDICATE_TYPE_SLSA_v0_2 = "https://slsa.dev/provenance/v0.2"
 PREDICATE_TYPE_SLSA_v1_0 = "https://slsa.dev/provenance/v1"
 
-PREDICATE_TYPES_CLI_MAP = {
-    "slsaprovenance0_2": PREDICATE_TYPE_SLSA_v0_2,
-    "slsaprovenance1_0": PREDICATE_TYPE_SLSA_v1_0,
-}
+SUPPORTED_PREDICATE_TYPES = [PREDICATE_TYPE_SLSA_v0_2, PREDICATE_TYPE_SLSA_v1_0]
 
 # Common models