Apply suggestions from code review
Co-authored-by: Jerop Kipruto <jerop@google.com>
jagathprakash and jerop authored Apr 11, 2023
1 parent 2db7daf commit 426171e
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions docs/spire.md
@@ -6,7 +6,7 @@ weight: 1660
-->
⚠️ This is a work in progress: SPIRE support is not yet functional

TaskRun result attestations is currently an alpha experimental feature. Currently all that is implemented is support for configuring Tekton to connect to SPIRE and enabling TaskRun to sign and verify the TaskRunStatus. See [TEP-0089](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md) for details on the overall design and feature set.
TaskRun result attestations is currently an alpha experimental feature. Currently we support configuring Tekton to connect to SPIRE and enabling TaskRun to sign and verify the TaskRunStatus. The next and final step is to enable Chains to verify TaskRun Results. See [TEP-0089](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md) for details on the overall design and feature set.

This being a large feature, this will be implemented in the following phases. This document will be updated as we implement new phases.
1. Add a client for SPIRE (done).
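Review bot: The added line keeps "TaskRun result attestations is currently an alpha experimental feature"; the subject is plural, so it should read "attestations are" (or "TaskRun result attestation is"). Also check that the new sentence "The next and final step is to enable Chains to verify TaskRun Results" agrees with the phased plan that follows ("this will be implemented in the following phases", starting with "1. Add a client for SPIRE (done)."): if more than one phase remains, "final" overstates the progress. The ⚠️ banner above still says "SPIRE support is not yet functional", which sits awkwardly next to "we support configuring Tekton to connect to SPIRE"; consider wording the banner and the paragraph so they describe the same state.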
@@ -277,15 +277,15 @@ The signatures are being verified by the Tekton controller, the process of verif

# TaskRun Status attestations

Each TaskRun status that is written by the tekton-pipelines-controller will be signed to ensure that there is no external
tampering of the TaskRun status. Upon each retrieval of the TaskRun, the tekton-pipelines-controller checks if the status is initialized,
Each TaskRun status that is written by the Tekton Pipelines controller will be signed to ensure that there is no external
tampering of the TaskRun status. Upon each retrieval of the TaskRun, the Tekton Pipelines controller checks if the status is initialized,
and that the signature validates the current status.
The signature and SVID will be stored as annotations on the TaskRun Status field, and can be verified by a client.

The verification is done on every consumption of the TaskRun except when the TaskRun is uninitialized. When uninitialized, the
tekton-pipelines-controller is not influenced by fields in the status and thus will not sign incorrect reflections of the TaskRun.
Tekton Pipelines controller is not influenced by fields in the status and thus will not sign incorrect reflections of the TaskRun.

The spec and TaskRun annotations/labels are not signed when there are valid interactions from other controllers or users (i.e. cancelling taskrun).
The TaskRun spec and annotations/labels are not signed when there are valid interactions from other controllers or users (i.e. cancelling taskrun).
Editing the object annotations/labels or spec will not result in any unverifiable outcome of the status field.

As the TaskRun progresses, the Pipeline Controller will reconcile the TaskRun object and continually verify the current hash against the `tekton.dev/status-hash-sig` before updating the hash to match the new status and creating a new signature.
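Review bot: The rename from "tekton-pipelines-controller" to "Tekton Pipelines controller" is applied to the two paragraphs in this hunk but not to the trailing context line, which still says "the Pipeline Controller will reconcile the TaskRun object"; use "the Tekton Pipelines controller" there as well so the document names one component consistently. In the added line "The TaskRun spec and annotations/labels are not signed when there are valid interactions from other controllers or users (i.e. cancelling taskrun)", the parenthetical gives an example rather than a restatement, so "e.g. cancelling a TaskRun" is the correct form, with the same capitalization used elsewhere. Since this section defines the integrity guarantee of the status signature, it would help readers to state plainly that spec and annotation/label changes are outside the signed scope by design, so a verifier must not expect `tekton.dev/status-hash-sig` to cover them.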