renamme IssuerMetadata

Signed-off-by: Javan lacerda <javanlacerda@google.com>
sigstore · Jun 30, 2024 · 397eee3 · 397eee3
1 parent 13e7059
commit 397eee3
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 16 deletions.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -67,18 +67,18 @@ type FulcioConfig struct {
 	// The CI provider has a generic logic for ci providers, this metadata is used
 	// to define the right behavior for each ci provider that is defined
 	// on the configuration file
-	CIIssuerMetadata map[string]DefaultTemplateValues
+	CIIssuerMetadata map[string]IssuerMetadata
 
 	// verifiers is a fixed mapping from our OIDCIssuers to their OIDC verifiers.
 	verifiers map[string][]*verifierWithConfig
 	// lru is an LRU cache of recently used verifiers for our meta issuers.
 	lru *lru.TwoQueueCache
 }
 
-type DefaultTemplateValues struct {
+type IssuerMetadata struct {
 	// Default key and values that can be used for filling the templates
 	// If a key cannot be found on the token claims, the template will use the defaults
-	Defaults map[string]string
+	DefaultTemplateValues map[string]string
 	// It is a Extensions version which the values are template strigs.
 	// It expects strings with templates syntax https://pkg.go.dev/text/template
 	// or raw strings with claims keys to be replaced

diff --git a/pkg/config/config_network_test.go b/pkg/config/config_network_test.go
@@ -73,8 +73,8 @@ func TestParseTemplate(t *testing.T) {
 
 	validTemplate := "{{.foobar}}"
 	invalidTemplate := "{{.foobar}"
-	ciissuerMetadata := make(map[string]DefaultTemplateValues)
-	ciissuerMetadata["github"] = DefaultTemplateValues{
+	ciissuerMetadata := make(map[string]IssuerMetadata)
+	ciissuerMetadata["github"] = IssuerMetadata{
 		ClaimsTemplates: certificate.Extensions{
 			BuildTrigger: invalidTemplate,
 		},
@@ -86,7 +86,7 @@ func TestParseTemplate(t *testing.T) {
 	if err == nil {
 		t.Error("It should raise an error")
 	}
-	ciissuerMetadata["github"] = DefaultTemplateValues{
+	ciissuerMetadata["github"] = IssuerMetadata{
 		ClaimsTemplates: certificate.Extensions{
 			BuildTrigger: validTemplate,
 		},
@@ -98,7 +98,7 @@ func TestParseTemplate(t *testing.T) {
 	if err != nil {
 		t.Error("It shouldn't raise an error")
 	}
-	ciissuerMetadata["github"] = DefaultTemplateValues{
+	ciissuerMetadata["github"] = IssuerMetadata{
 		SubjectAlternativeNameTemplate: invalidTemplate,
 	}
 	fulcioConfig = &FulcioConfig{

diff --git a/pkg/identity/ciprovider/principal.go b/pkg/identity/ciprovider/principal.go
@@ -48,7 +48,7 @@ func getTokenClaims(token *oidc.IDToken) (map[string]string, error) {
 
 // It makes string interpolation for a given string by using the
 // templates syntax https://pkg.go.dev/text/template
-func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]string, defaultTemplateValues map[string]string) (string, error) {
+func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]string, issuerMetadata map[string]string) (string, error) {
 
 	// Here we merge the data from was claimed by the id token with the
 	// default data provided by the yaml file.
@@ -59,7 +59,7 @@ func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]stri
 	for k, v := range tokenClaims {
 		mergedData[k] = v
 	}
-	for k, v := range defaultTemplateValues {
+	for k, v := range issuerMetadata {
 		mergedData[k] = v
 	}
 
@@ -89,7 +89,7 @@ func applyTemplateOrReplace(extValueTemplate string, tokenClaims map[string]stri
 
 type ciPrincipal struct {
 	Token          *oidc.IDToken
-	ClaimsMetadata config.DefaultTemplateValues
+	ClaimsMetadata config.IssuerMetadata
 }
 
 func WorkflowPrincipalFromIDToken(ctx context.Context, token *oidc.IDToken) (identity.Principal, error) {
@@ -112,7 +112,7 @@ func (principal ciPrincipal) Name(_ context.Context) string {
 func (principal ciPrincipal) Embed(_ context.Context, cert *x509.Certificate) error {
 
 	claimsTemplates := principal.ClaimsMetadata.ClaimsTemplates
-	defaults := principal.ClaimsMetadata.Defaults
+	defaults := principal.ClaimsMetadata.DefaultTemplateValues
 	claims, err := getTokenClaims(principal.Token)
 	if err != nil {
 		return err

diff --git a/pkg/identity/ciprovider/principal_test.go b/pkg/identity/ciprovider/principal_test.go
@@ -37,7 +37,7 @@ func TestWorkflowPrincipalFromIDToken(t *testing.T) {
 	}{
 		`Github workflow challenge should have all Github workflow extensions and issuer set`: {
 			ExpectedPrincipal: ciPrincipal{
-				ClaimsMetadata: config.DefaultTemplateValues{
+				ClaimsMetadata: config.IssuerMetadata{
 					ClaimsTemplates: certificate.Extensions{
 						Issuer:                              "issuer",
 						GithubWorkflowTrigger:               "event_name",
@@ -60,7 +60,7 @@ func TestWorkflowPrincipalFromIDToken(t *testing.T) {
 						RunInvocationURI:                    "{{ .url }}/{{ .repository }}/actions/runs/{{ .run_id }}/attempts/{{ .run_attempt }}",
 						SourceRepositoryVisibilityAtSigning: "repository_visibility",
 					},
-					Defaults: map[string]string{
+					DefaultTemplateValues: map[string]string{
 						"url": "https://github.com",
 					},
 					SubjectAlternativeNameTemplate: "{{.url}}/{{.job_workflow_ref}}",
@@ -107,7 +107,7 @@ func TestWorkflowPrincipalFromIDToken(t *testing.T) {
 						ClientID:   "sigstore",
 					},
 				}
-			meta := make(map[string]config.DefaultTemplateValues)
+			meta := make(map[string]config.IssuerMetadata)
 			meta["github-workflow"] = test.ExpectedPrincipal.ClaimsMetadata
 			cfg := &config.FulcioConfig{
 				OIDCIssuers:      OIDCIssuers,
@@ -236,7 +236,7 @@ func TestEmbed(t *testing.T) {
 				`Certificate has correct source repository visibility extension`: factExtensionIs(asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 57264, 1, 22}, "public"),
 			},
 			Principal: ciPrincipal{
-				ClaimsMetadata: config.DefaultTemplateValues{
+				ClaimsMetadata: config.IssuerMetadata{
 					ClaimsTemplates: certificate.Extensions{
 						GithubWorkflowTrigger:               "event_name",
 						GithubWorkflowSHA:                   "sha",
@@ -258,7 +258,7 @@ func TestEmbed(t *testing.T) {
 						RunInvocationURI:                    "{{ .url }}/{{ .repository }}/actions/runs/{{ .run_id }}/attempts/{{ .run_attempt }}",
 						SourceRepositoryVisibilityAtSigning: "repository_visibility",
 					},
-					Defaults: map[string]string{
+					DefaultTemplateValues: map[string]string{
 						"url": "https://github.com",
 					},
 					SubjectAlternativeNameTemplate: "{{.url}}/{{.job_workflow_ref}}",