You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Chainloop, currently has a mechanism to send attestation and artifact metadata to third party-integrations such an OCI registry (attestation) and Dependency-Track (CycloneDX SBOM).
It's implementation today happens in the service layer and has some drawbacks due to it's naive initial implementation using a go-routine
Chainloop, currently has a mechanism to send attestation and artifact metadata to third party-integrations such an OCI registry (attestation) and Dependency-Track (CycloneDX SBOM).
It's implementation today happens in the service layer and has some drawbacks due to it's naive initial implementation using a go-routine
chainloop/app/controlplane/internal/service/attestation.go
Line 223 in e770fae
Lucky for us those shortcomings can be easily overcame by using an event bus / queue mechanism such as nats.io streams.
We should design a new architecture that fixes the aforementioned shortcomings and sets the stage to a generic third-party integration framework #38
The text was updated successfully, but these errors were encountered: