Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attestations + policy in cip. #1772

Merged
merged 22 commits into from Apr 23, 2022
Merged

Attestations + policy in cip. #1772

merged 22 commits into from Apr 23, 2022

Commits on Apr 22, 2022

  1. Modify types, introduce name defaults, codegen. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    e942146 View commit details
    Browse the repository at this point in the history

  2. Start refactoring and adding verify-attestation pieces. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    b85eeb9 View commit details
    Browse the repository at this point in the history

  3. Sort of works e2e. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    4ec9e8d View commit details
    Browse the repository at this point in the history

  4. E2E tests. Plumb rekor through for key-ful signing too. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    4e4fdb8 View commit details
    Browse the repository at this point in the history

  5. bad rebase. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    af699bf View commit details
    Browse the repository at this point in the history

  6. more bad rebases. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    8157fca View commit details
    Browse the repository at this point in the history

  7. regen keys. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    4160ffb View commit details
    Browse the repository at this point in the history

  8. at the right place. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    7233326 View commit details
    Browse the repository at this point in the history

  9. forgot one rekor-url. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    f1a0426 View commit details
    Browse the repository at this point in the history

  10. Lint. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    b2776f9 View commit details
    Browse the repository at this point in the history

  11. remove these manually. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    1438463 View commit details
    Browse the repository at this point in the history

  12. Cleanups, do not unnecessarily eval empty json bytes for attestation … 

    …policy.

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    a17bcfa View commit details
    Browse the repository at this point in the history

  13. Add name to attestations for easier referencing from cip policy. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    3718151 View commit details
    Browse the repository at this point in the history

  14. Do not return empty PolicyResult when errors. 

    Start adding UT for ValidatePolicy. Getting ready for rebase.

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    ddeb422 View commit details
    Browse the repository at this point in the history

  15. fix: cue policy missing double-quotes 

    Signed-off-by: hectorj2f <hectorf@vmware.com>
    @vaikas
    hectorj2f authored and vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    9e5688f View commit details
    Browse the repository at this point in the history

  16. Add start of unit tests for policy validation stuff. 

    Add start of UT for ValidatePolicy.

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    d6e0a42 View commit details
    Browse the repository at this point in the history

  17. Refactor policy eval code. Remove the attestation CIP from normal 

    CIP tests, will follow up with those.
Add validation for attestations in CIPs

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    2a60a43 View commit details
    Browse the repository at this point in the history

  18. loving yaml, thanks validation! 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    f7efb9d View commit details
    Browse the repository at this point in the history

  19. Starting to break apart the attestation tests. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    f6fcb5c View commit details
    Browse the repository at this point in the history

  20. checkpoint 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    588e023 View commit details
    Browse the repository at this point in the history

Commits on Apr 23, 2022

  1. Remove unused keychain from the Validate* calls and use one 

    from the remoteopts instead consistently.
Address PR feedback.

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 23, 2022
    Configuration menu
    Copy the full SHA
    d402a02 View commit details
    Browse the repository at this point in the history

  2. lint. 

    Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
    @vaikas
    vaikas committed Apr 23, 2022
    Configuration menu
    Copy the full SHA
    1541a0c View commit details
    Browse the repository at this point in the history