kosli-dev · sami-alajrami · Jul 4, 2025 · Jun 10, 2025 · Jun 10, 2025 · Jun 11, 2025
diff --git a/cmd/kosli/assertPRAzure.go b/cmd/kosli/assertPRAzure.go
@@ -59,7 +59,7 @@ func newAssertPullRequestAzureCmd(out io.Writer) *cobra.Command {
 }
 
 func (o *assertPullRequestAzureOptions) run(args []string) error {
-	pullRequestsEvidence, err := o.azureConfig.PREvidenceForCommit(o.commit)
+	pullRequestsEvidence, err := o.azureConfig.PREvidenceForCommitV2(o.commit)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/kosli/assertPRBitbucket.go b/cmd/kosli/assertPRBitbucket.go
@@ -81,7 +81,7 @@ func newAssertPullRequestBitbucketCmd(out io.Writer) *cobra.Command {
 }
 
 func (o *assertPullRequestBitbucketOptions) run(args []string) error {
-	pullRequestsEvidence, err := o.bbConfig.PREvidenceForCommit(o.commit)
+	pullRequestsEvidence, err := o.bbConfig.PREvidenceForCommitV2(o.commit)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/kosli/assertPRGithub.go b/cmd/kosli/assertPRGithub.go
@@ -58,7 +58,7 @@ func newAssertPullRequestGithubCmd(out io.Writer) *cobra.Command {
 }
 
 func (o *assertPullRequestGithubOptions) run(args []string) error {
-	pullRequestsEvidence, err := o.githubConfig.PREvidenceForCommit(o.commit)
+	pullRequestsEvidence, err := o.githubConfig.PREvidenceForCommitV2(o.commit)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/kosli/assertPRGithub_test.go b/cmd/kosli/assertPRGithub_test.go
@@ -47,7 +47,7 @@ func (suite *AssertPRGithubCommandTestSuite) TestAssertPRGithubCmd() {
 			name:      "assert Github PR evidence fails when commit does not exist",
 			cmd: `assert pullrequest github --github-org kosli-dev --repository cli 
 			--commit 19aab7f063147614451c88969602a10afba123ab` + suite.defaultKosliArguments,
-			golden: "Error: GET https://api.github.com/repos/kosli-dev/cli/commits/19aab7f063147614451c88969602a10afba123ab/pulls: 422 No commit found for SHA: 19aab7f063147614451c88969602a10afba123ab []\n",
+			golden: "Error: assert failed: found no pull request(s) in Github for commit: 19aab7f063147614451c88969602a10afba123ab\n",
 		},
 	}
 

diff --git a/cmd/kosli/assertPRGitlab.go b/cmd/kosli/assertPRGitlab.go
@@ -58,7 +58,7 @@ func newAssertPullRequestGitlabCmd(out io.Writer) *cobra.Command {
 }
 
 func (o *assertPullRequestGitlabOptions) run(args []string) error {
-	pullRequestsEvidence, err := o.gitlabConfig.PREvidenceForCommit(o.commit)
+	pullRequestsEvidence, err := o.gitlabConfig.PREvidenceForCommitV2(o.commit)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/kosli/docs.go b/cmd/kosli/docs.go
@@ -340,6 +340,6 @@ var liveCliMap = map[string]string{
 	"kosli list flows":        "kosli list flows --output=json",
 	"kosli get flow":          "kosli get flow dashboard-ci --output=json",
 	//"kosli list trails":       "kosli list trails dashboard-ci --output=json",  // Produces too much output
-	"kosli get trail":         "kosli get trail dashboard-ci 1159a6f1193150681b8484545150334e89de6c1c --output=json",
-	"kosli get attestation":   "kosli get attestation snyk-container-scan --flow=differ-ci --fingerprint=0cbbe3a6e73e733e8ca4b8813738d68e824badad0508ff20842832b5143b48c0 --output=json",
+	"kosli get trail":       "kosli get trail dashboard-ci 1159a6f1193150681b8484545150334e89de6c1c --output=json",
+	"kosli get attestation": "kosli get attestation snyk-container-scan --flow=differ-ci --fingerprint=0cbbe3a6e73e733e8ca4b8813738d68e824badad0508ff20842832b5143b48c0 --output=json",
 }
diff --git a/cmd/kosli/pullrequest.go b/cmd/kosli/pullrequest.go
@@ -48,8 +48,19 @@ func (o *pullRequestArtifactOptions) run(out io.Writer, args []string) error {
 		}
 	}
 
+	label := ""
+	o.payload.GitProvider, label = getGitProviderAndLabel(o.retriever)
+
 	url := fmt.Sprintf("%s/api/v2/evidence/%s/artifact/%s/pull_request", global.Host, global.Org, o.flowName)
-	pullRequestsEvidence, err := o.getRetriever().PREvidenceForCommit(o.commit)
+
+	// TODO: after the PR payload is enhanced for all git providers they will all use the same method
+	var pullRequestsEvidence []*types.PREvidence
+	if o.payload.GitProvider == "github" {
+		pullRequestsEvidence, err = o.getRetriever().PREvidenceForCommitV1(o.commit)
+	} else {
+		pullRequestsEvidence, err = o.getRetriever().PREvidenceForCommitV2(o.commit)
+	}
+
 	if err != nil {
 		return err
 	}
@@ -60,9 +71,6 @@ func (o *pullRequestArtifactOptions) run(out io.Writer, args []string) error {
 		return err
 	}
 
-	label := ""
-	o.payload.GitProvider, label = getGitProviderAndLabel(o.retriever)
-
 	// PR evidence does not have files to upload
 	form, cleanupNeeded, evidencePath, err := newEvidenceForm(o.payload, []string{})
 	// if we created a tar package, remove it after uploading it
@@ -119,7 +127,7 @@ func (o *attestPROptions) run(args []string) error {
 		return err
 	}
 
-	pullRequestsEvidence, err := o.getRetriever().PREvidenceForCommit(o.payload.Commit.Sha1)
+	pullRequestsEvidence, err := o.getRetriever().PREvidenceForCommitV2(o.payload.Commit.Sha1)
 	if err != nil {
 		return err
 	}
@@ -175,14 +183,21 @@ func (o *pullRequestCommitOptions) run(args []string) error {
 		return err
 	}
 
-	pullRequestsEvidence, err := o.getRetriever().PREvidenceForCommit(o.payload.CommitSHA)
+	label := ""
+	o.payload.GitProvider, label = getGitProviderAndLabel(o.retriever)
+
+	// TODO: after the PR payload is enhanced for all git providers they will all use the same method
+	var pullRequestsEvidence []*types.PREvidence
+	if o.payload.GitProvider == "github" {
+		pullRequestsEvidence, err = o.getRetriever().PREvidenceForCommitV1(o.payload.CommitSHA)
+	} else {
+		pullRequestsEvidence, err = o.getRetriever().PREvidenceForCommitV2(o.payload.CommitSHA)
+	}
 	if err != nil {
 		return err
 	}
 
 	o.payload.PullRequests = pullRequestsEvidence
-	label := ""
-	o.payload.GitProvider, label = getGitProviderAndLabel(o.retriever)
 
 	// PR evidence does not have files to upload
 	form, cleanupNeeded, evidencePath, err := newEvidenceForm(o.payload, []string{})

diff --git a/go.mod b/go.mod
@@ -32,6 +32,7 @@ require (
 	github.com/owenrumney/go-sarif/v2 v2.3.3
 	github.com/pkg/errors v0.9.1
 	github.com/rjeczalik/notify v0.9.3
+	github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466
 	github.com/spf13/cobra v1.9.1
 	github.com/spf13/pflag v1.0.6
 	github.com/spf13/viper v1.20.1

diff --git a/go.sum b/go.sum
@@ -611,6 +611,8 @@ github.com/sagikazarmark/locafero v0.9.0/go.mod h1:UBUyz37V+EdMS3hDF3QWIiVr/2dPr
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
+github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 h1:17JxqqJY66GmZVHkmAsGEkcIu0oCe3AM420QDgGwZx0=
+github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466/go.mod h1:9dIRpgIY7hVhoqfe0/FcYp0bpInZaT7dc3BYOprrIUE=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=

diff --git a/internal/azure/azure.go b/internal/azure/azure.go
@@ -7,6 +7,7 @@ import (
 	"strings"
 
 	"github.com/kosli-dev/cli/internal/types"
+	"github.com/kosli-dev/cli/internal/utils"
 	"github.com/microsoft/azure-devops-go-api/azuredevops"
 	"github.com/microsoft/azure-devops-go-api/azuredevops/git"
 )
@@ -54,7 +55,8 @@ func NewAzureClientFromToken(ctx context.Context, azToken, orgURL string) (git.C
 	return gitClient, nil
 }
 
-func (c *AzureConfig) PREvidenceForCommit(commit string) ([]*types.PREvidence, error) {
+// This is the old implementation, it will be removed after the PR payload is enhanced for Azure
+func (c *AzureConfig) PREvidenceForCommitV2(commit string) ([]*types.PREvidence, error) {
 	pullRequestsEvidence := []*types.PREvidence{}
 	prs, err := c.PullRequestsForCommit(commit)
 	if err != nil {
@@ -70,6 +72,11 @@ func (c *AzureConfig) PREvidenceForCommit(commit string) ([]*types.PREvidence, e
 	return pullRequestsEvidence, nil
 }
 
+// This is the new implementation, it will be used for Azure
+func (c *AzureConfig) PREvidenceForCommitV1(commit string) ([]*types.PREvidence, error) {
+	return []*types.PREvidence{}, nil
+}
+
 func (c *AzureConfig) newPRAzureEvidence(pr git.GitPullRequest) (*types.PREvidence, error) {
 	prID := strconv.Itoa(*pr.PullRequestId)
 	url, err := url.JoinPath(c.OrgURL, c.Project, "_git", c.Repository, "pullrequest", prID)
@@ -85,7 +92,7 @@ func (c *AzureConfig) newPRAzureEvidence(pr git.GitPullRequest) (*types.PREviden
 	if err != nil {
 		return evidence, err
 	}
-	evidence.Approvers = approvers
+	evidence.Approvers = utils.ConvertStringListToInterfaceList(approvers)
 	return evidence, nil
 }
 

diff --git a/internal/azure/azure_test.go b/internal/azure/azure_test.go
@@ -66,7 +66,7 @@ func (suite *AzureTestSuite) TestPREvidenceForCommit() {
 				testHelpers.SkipIfEnvVarUnset(suite.Suite.T(), []string{"KOSLI_AZURE_TOKEN"})
 				t.config.Token = os.Getenv("KOSLI_AZURE_TOKEN")
 			}
-			prs, err := t.config.PREvidenceForCommit(t.commit)
+			prs, err := t.config.PREvidenceForCommitV2(t.commit)
 			if t.result.wantError {
 				require.Errorf(suite.Suite.T(), err, "expected an error but got: %s", err)
 			} else {

diff --git a/internal/bitbucket/bitbucket.go b/internal/bitbucket/bitbucket.go
@@ -8,6 +8,7 @@ import (
 	"github.com/kosli-dev/cli/internal/logger"
 	"github.com/kosli-dev/cli/internal/requests"
 	"github.com/kosli-dev/cli/internal/types"
+	"github.com/kosli-dev/cli/internal/utils"
 )
 
 type Config struct {
@@ -21,10 +22,16 @@ type Config struct {
 	Assert      bool
 }
 
-func (c *Config) PREvidenceForCommit(commit string) ([]*types.PREvidence, error) {
+// This is the old implementation, it will be removed after the PR payload is enhanced for Bitbucket
+func (c *Config) PREvidenceForCommitV2(commit string) ([]*types.PREvidence, error) {
 	return c.getPullRequestsFromBitbucketApi(commit)
 }
 
+// This is the new implementation, it will be used for Bitbucket
+func (c *Config) PREvidenceForCommitV1(commit string) ([]*types.PREvidence, error) {
+	return []*types.PREvidence{}, nil
+}
+
 func (c *Config) getPullRequestsFromBitbucketApi(commit string) ([]*types.PREvidence, error) {
 	pullRequestsEvidence := []*types.PREvidence{}
 
@@ -122,7 +129,7 @@ func (c *Config) getPullRequestDetailsFromBitbucket(prApiUrl, prHtmlLink, commit
 		} else {
 			c.Logger.Debug("no approvers found")
 		}
-		evidence.Approvers = approvers
+		evidence.Approvers = utils.ConvertStringListToInterfaceList(approvers)
 		// prID := int(responseData["id"].(float64))
 		// evidence.LastCommit, evidence.LastCommitter, err = getBitbucketPRLastCommit(workspace, repository, username, password, prID)
 		// if err != nil {