(_ context.Context, attachment *v1.PolicyAttachment)
| 130 | type HTTPSLoader struct{} |
| 131 | |
| 132 | func (l *HTTPSLoader) Load(_ context.Context, attachment *v1.PolicyAttachment) (*v1.Policy, *PolicyDescriptor, error) { |
| 133 | ref, wantDigest := ExtractDigest(attachment.GetRef()) |
| 134 | |
| 135 | // and do not remove the scheme since we need http(s):// to make the request |
| 136 | if _, err := ensureScheme(ref, httpScheme, httpsScheme); err != nil { |
| 137 | return nil, nil, fmt.Errorf("invalid policy reference %q: %w", ref, err) |
| 138 | } |
| 139 | |
| 140 | // #nosec G107 |
| 141 | resp, err := http.Get(ref) |
| 142 | if err != nil { |
| 143 | return nil, nil, fmt.Errorf("requesting remote policy: %w", err) |
| 144 | } |
| 145 | defer resp.Body.Close() |
| 146 | raw, err := io.ReadAll(resp.Body) |
| 147 | if err != nil { |
| 148 | return nil, nil, fmt.Errorf("reading remote policy: %w", err) |
| 149 | } |
| 150 | |
| 151 | var policy v1.Policy |
| 152 | d, err := unmarshallResource(raw, ref, wantDigest, &policy) |
| 153 | if err != nil { |
| 154 | return nil, nil, fmt.Errorf("unmarshalling policy spec: %w", err) |
| 155 | } |
| 156 | |
| 157 | return &policy, d, nil |
| 158 | } |
| 159 | |
| 160 | // ChainloopLoader loads policies referenced with chainloop://provider/name URLs |
| 161 | type ChainloopLoader struct { |
nothing calls this directly
no test coverage detected