Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TEP 0122 - Adding taskspec to buildConfig and taskrunspec to parameters #663

Merged
merged 1 commit into from
Feb 16, 2023
Merged

TEP 0122 - Adding taskspec to buildConfig and taskrunspec to parameters #663

merged 1 commit into from
Feb 16, 2023

Conversation

chitrangpatel
Copy link
Contributor

@chitrangpatel chitrangpatel commented Jan 3, 2023
edited
Loading

This PR introduces a new format slsa/v2alpha1 (later switch to slsa/v2) for taskrun provenance which contains complete build instructions as proposed in TEP0122. This is a backwards incompatible change but necessary for completeness of build instructions. While it's in alpha state, it is considered WIP and will undergo multiple upgrades until it is feature complete.

Changes

This PR adds the complete TaskSpec in the buildConfig and TaskRunSpec fields to invocation.Parameters. invocation.Environment section of the provenance will be added in a follow up PR after the feature flags are surfaced in the taskrun status.

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • Has Docs included if any changes are user facing
  • Has Tests included if any functionality added or changed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including
    functionality, content, code)
  • Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
  • Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

complete build instuctions: add taskspec to buildConfig

/kind feature

@tekton-robot tekton-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Jan 3, 2023
@tekton-robot tekton-robot requested review from lcarva and wlynch January 3, 2023 16:20
@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Jan 3, 2023
@chitrangpatel chitrangpatel changed the title TEP 0122: complete build instuctions: adding taskspec to buildConfig TEP 0122 - complete build instuctions: adding taskspec to buildConfig Jan 3, 2023
@chitrangpatel chitrangpatel changed the title TEP 0122 - complete build instuctions: adding taskspec to buildConfig TEP 0122 - complete build instructions: adding taskspec to buildConfig Jan 3, 2023
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/extract/extract.go Do not exist 41.9%
pkg/chains/formats/intotoite6v2/intotoite6v2.go Do not exist 87.5%
pkg/chains/formats/intotoite6v2/taskrun/taskrun.go Do not exist 76.7%

@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/extract/extract.go Do not exist 41.9%
pkg/chains/formats/intotoite6v2/intotoite6v2.go Do not exist 87.5%
pkg/chains/formats/intotoite6v2/taskrun/taskrun.go Do not exist 76.7%

bendory
bendory approved these changes Jan 5, 2023
View reviewed changes
Copy link
Contributor

@bendory bendory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM, but can you please complete the Submitter Checklist?

wlynch
wlynch requested changes Jan 9, 2023
View reviewed changes
Copy link
Member

@wlynch wlynch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd hold off on the attest/extract package moves for another PR unless we strictly need them to avoid import cycles - they're fairly specific to intoto/slsa so they probably still belong in a intoto/slsa rooted directory.

pkg/chains/formats/all/all.go Outdated Show resolved Hide resolved
pkg/chains/formats/intotoite6v2/intotoite6v2.go Outdated Show resolved Hide resolved
pkg/chains/formats/intotoite6v2/intotoite6v2.go Outdated Show resolved Hide resolved
pkg/chains/formats/intotoite6v2/intotoite6v2.go Outdated Show resolved Hide resolved
pkg/chains/formats/intotoite6v2/intotoite6v2_test.go Outdated Show resolved Hide resolved
pkg/chains/formats/intotoite6v2/taskrun/taskrun.go Outdated Show resolved Hide resolved
@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 9, 2023
@chitrangpatel
Copy link
Contributor Author

/hold wait for some other PRs to be merged first.

@tekton-robot tekton-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 17, 2023
@tekton-robot tekton-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Jan 23, 2023
@chitrangpatel
Copy link
Contributor Author

/hold cancel

@tekton-robot tekton-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 23, 2023
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/v2/intotoite6v2.go Do not exist 87.5%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 32.6%

@tekton-robot tekton-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Jan 23, 2023
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/v2/intotoite6v2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@chitrangpatel chitrangpatel changed the title TEP 0122 - complete build instructions: adding taskspec to buildConfig TEP 0122 - complete build instructions: adding taskspec to buildConfig and taskrunspec to parameters Jan 23, 2023
@chitrangpatel chitrangpatel changed the title TEP 0122 - complete build instructions: adding taskspec to buildConfig and taskrunspec to parameters TEP 0122 - Adding taskspec to buildConfig and taskrunspec to parameters Jan 23, 2023
wlynch
wlynch requested changes Jan 24, 2023
View reviewed changes
pkg/chains/formats/all/all.go Show resolved Hide resolved
pkg/chains/formats/slsa/v2/intotoite6v2.go Outdated Show resolved Hide resolved
pkg/chains/formats/all/all.go Show resolved Hide resolved
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Outdated Show resolved Hide resolved
pkg/chains/formats/slsa/v1/taskrun/material.go Show resolved Hide resolved
pkg/chains/formats/slsa/v2/intotoite6v2_test.go Outdated Show resolved Hide resolved
@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 27, 2023
@tekton-robot tekton-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 31, 2023
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/v2/intotoite6v2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@chitrangpatel chitrangpatel mentioned this pull request Feb 2, 2023
Closed
6 tasks
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/internal/material/material.go Do not exist 84.1%
pkg/chains/formats/slsa/v2/slsav2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/internal/material/material.go Do not exist 84.1%
pkg/chains/formats/slsa/v2/slsav2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/internal/material/material.go Do not exist 84.1%
pkg/chains/formats/slsa/v2/slsav2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/internal/material/material.go Do not exist 84.1%
pkg/chains/formats/slsa/v2/slsav2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@chitrangpatel
TEP 0122: complete build instuctions: adding taskspec to buildConfig
3e909af 
This PR introduces a new format `slsa/v2` which contains the complete
build instructions as designed in TEP0122.

Note that we are currently surfacing it for the users as `slsa/v2alpha1` since it is WIP and will undergo updates until we make it available for pipelineruns as well.
@tekton-robot
Copy link

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/slsa/internal/material/material.go Do not exist 84.1%
pkg/chains/formats/slsa/v2/slsav2.go Do not exist 85.7%
pkg/chains/formats/slsa/v2/taskrun/taskrun.go Do not exist 60.0%

@chitrangpatel chitrangpatel requested review from wlynch and removed request for lcarva February 16, 2023 20:13
wlynch
wlynch requested changes Feb 16, 2023
View reviewed changes
Copy link
Member

@wlynch wlynch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Just one small tweak to the docs and good to merge.

docs/config.md
@@ -51,11 +51,12 @@ Supported keys include:

| Key | Description | Supported Values | Default |
| :--- | :--- | :--- | :--- |
| `artifacts.taskrun.format` | The format to store `TaskRun` payloads in. | `in-toto`, `slsa/v1`| `in-toto` |
| `artifacts.taskrun.format` | The format to store `TaskRun` payloads in. | `in-toto`, `slsa/v1`, `slsa/v2alpha1`| `in-toto` |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd go a step further and remove it from the top level config docs for now and just leave it documented in slsa/README.md.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good!

wlynch
wlynch approved these changes Feb 16, 2023
View reviewed changes
Copy link
Member

@wlynch wlynch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

eh I won't block submission on a 1 line change. I'll send you a PR once this is in.

@tekton-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bendory, wlynch

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 16, 2023
@wlynch
Copy link
Member

wlynch commented Feb 16, 2023

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 16, 2023
@tekton-robot tekton-robot merged commit 3ddd5f4 into tektoncd:main Feb 16, 2023
@chitrangpatel chitrangpatel mentioned this pull request Mar 28, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jagathprakash jagathprakash jagathprakash left review comments

@bendory bendory bendory approved these changes

@wlynch wlynch wlynch approved these changes

Assignees

@wlynch wlynch

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@chitrangpatel @tekton-robot @wlynch @bendory @jagathprakash