Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add digest and downloadLocation to VSA policy #124

Merged
merged 9 commits into from
Aug 14, 2024
Merged

feat: add digest and downloadLocation to VSA policy #124

merged 9 commits into from
Aug 14, 2024

Conversation

mrjoelkamp
Copy link
Contributor

@mrjoelkamp mrjoelkamp commented Aug 14, 2024
edited
Loading

Summary

  • adds downloaded policy file digest to vsa.policy.digest
  • adds policy download URI to vsa.policy.downloadLocation
  • makes vsa.policy.uri optional (based on whether it is set or not by the Rego result summary)

Testing

Example VSA using HTTP policy source (without policy.uri set in Rego)
Example VSA using OCI policy source (without policy.uri set in Rego)

@mrjoelkamp mrjoelkamp force-pushed the feat-generate-vsa-policy-uri branch 5 times, most recently from 31747e3 to 21d6402 Compare August 14, 2024 15:47
@github-actions github-actions bot added the chore label Aug 14, 2024
@mrjoelkamp mrjoelkamp force-pushed the feat-generate-vsa-policy-uri branch 2 times, most recently from 7dcb935 to e9890f5 Compare August 14, 2024 17:40
@mrjoelkamp mrjoelkamp changed the title feat: generate VSA policy value from file feat: add digest and downloadLocation to VSA policy field Aug 14, 2024
@mrjoelkamp mrjoelkamp marked this pull request as ready for review August 14, 2024 17:46
@mrjoelkamp mrjoelkamp requested a review from a team as a code owner August 14, 2024 17:46
@mrjoelkamp mrjoelkamp changed the title feat: add digest and downloadLocation to VSA policy field feat: add digest and downloadLocation to VSA policy Aug 14, 2024
whalelines
whalelines reviewed Aug 14, 2024
View reviewed changes
Copy link
Contributor

@whalelines whalelines left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few questions

README.md Outdated Show resolved Hide resolved
pkg/attestation/vsa.go Show resolved Hide resolved
pkg/tuf/tuf.go Outdated Show resolved Hide resolved
pkg/tuf/tuf.go Show resolved Hide resolved
pkg/tuf/mock.go Outdated Show resolved Hide resolved
whalelines
whalelines reviewed Aug 14, 2024
View reviewed changes
Copy link
Contributor

@whalelines whalelines left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, one more question came to mind

pkg/policy/policy.go Show resolved Hide resolved
whalelines
whalelines approved these changes Aug 14, 2024
View reviewed changes
Copy link
Contributor

@whalelines whalelines left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mrjoelkamp mrjoelkamp merged commit a4a0bf3 into main Aug 14, 2024
7 checks passed
@mrjoelkamp mrjoelkamp deleted the feat-generate-vsa-policy-uri branch August 14, 2024 21:50
@docker docker deleted a comment from codecov bot Oct 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whalelines whalelines whalelines approved these changes

Assignees
No one assigned
Labels
chore feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mrjoelkamp @whalelines