singular attestation

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>

cli/slsa-verifier/verify/options.go

@@ -147,11 +147,11 @@ func (o *VerifyVSAOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringArrayVar(&o.SubjectDigests, "subject-digest", []string{},
 		"the digests to be verified. Pass multiple digests by repeating the flag. e.g. <digest type>:<digest value>")
 
-	cmd.Flags().StringVar(&o.AttestationPath, "attestations-path", "",
-		"path to a file containing the attestations")
+	cmd.Flags().StringVar(&o.AttestationPath, "attestation-path", "",
+		"path to a file containing the attestation")
 
 	cmd.Flags().StringVar(&o.VerifierID, "verifier-id", "",
-		"the unique verifier ID who created the attestations")
+		"the unique verifier ID who created the attestation")
 
 	cmd.Flags().StringVar(&o.ResourceURI, "resource-uri", "",
 		"the resource URI to be verified")
@@ -172,7 +172,7 @@ func (o *VerifyVSAOptions) AddFlags(cmd *cobra.Command) {
 		"[optional] the hash algorithm used to hash the public key, one of SHA256 [efault], SHA384, or SHA512")
 
 	cmd.MarkFlagRequired("subject-digests")
-	cmd.MarkFlagRequired("attestations-path")
+	cmd.MarkFlagRequired("attestation-path")
 	cmd.MarkFlagRequired("verifier-id")
 	cmd.MarkFlagRequired("resource-uri")
 	cmd.MarkFlagRequired("public-key-path")

cli/slsa-verifier/verify/verify_vsa.go

@@ -77,12 +77,12 @@ func (c *VerifyVSACommand) Exec(ctx context.Context) (*utils.TrustedAttesterID,
 		PublicKeyID:       c.PublicKeyID,
 		PublicKeyHashAlgo: hashAlgo,
 	}
-	attestations, err := os.ReadFile(*c.AttestationPath)
+	attestation, err := os.ReadFile(*c.AttestationPath)
 	if err != nil {
 		printFailed(err)
 		return nil, err
 	}
-	verifiedProvenance, outProducerID, err := verifiers.VerifyVSA(ctx, attestations, vsaOpts, VerificationOpts)
+	verifiedProvenance, outProducerID, err := verifiers.VerifyVSA(ctx, attestation, vsaOpts, VerificationOpts)
 	if err != nil {
 		printFailed(err)
 		return nil, err

verifiers/internal/vsa/verifier.go

@@ -14,15 +14,15 @@ import (
 	"github.com/slsa-framework/slsa-verifier/v2/verifiers/utils"
 )
 
-// VerifyVSA verifies the VSA attestations.
+// VerifyVSA verifies the VSA attestation.
 func VerifyVSA(ctx context.Context,
-	attestations []byte,
+	attestation []byte,
 	vsaOpts *options.VSAOpts,
 	verificationOpts *options.VerificationOpts,
 ) ([]byte, *utils.TrustedAttesterID, error) {
 	// following steps in https://slsa.dev/spec/v1.1/verification_summary#how-to-verify
 
-	envelope, err := utils.EnvelopeFromBytes(attestations)
+	envelope, err := utils.EnvelopeFromBytes(attestation)
 	if err != nil {
 		return nil, nil, err
 	}

verifiers/verifier.go

@@ -76,11 +76,11 @@ func VerifyNpmPackage(ctx context.Context,
 		provenanceOpts, builderOpts)
 }
 
-// VerifyVSA verifies the VSA attestations. It returns the attestation base64-decoded from the envelope, and the trusted attester ID.
+// VerifyVSA verifies the VSA attestation. It returns the attestation base64-decoded from the envelope, and the trusted attester ID.
 func VerifyVSA(ctx context.Context,
-	attestations []byte,
+	attestation []byte,
 	vsaOpts *options.VSAOpts,
 	verificationOpts *options.VerificationOpts,
 ) ([]byte, *utils.TrustedAttesterID, error) {
-	return vsa.VerifyVSA(ctx, attestations, vsaOpts, verificationOpts)
+	return vsa.VerifyVSA(ctx, attestation, vsaOpts, verificationOpts)
 }