Move PostgreSQL storage implementation to grafeas-pgsql
#341
Labels
Comments
aysylu
added
enhancement
good first issue
|
I can help with this issue |
|
That'd be fantastic, thank you, @judavi! |
This was referenced Aug 9, 2019
This was referenced Sep 17, 2019
|
I can resume the work on this issue based on the experience that I got working on Grafeas-oracle |
|
That'd be great, thanks, @judavi! |
|
Wondering if this has moved much more? I'm looking for a way to jump in and help with the codebase a bit more. |
hkadakia
pushed a commit
to hkadakia/grafeas
that referenced
this issue
Dec 28, 2021
All the pgsql specific code will be moved out to tetradio repo, as mentioned upstream in grafeas#341 When we are ready, we can submit this and pgsql code to be merged upstream.
hkadakia
added a commit
to hkadakia/grafeas
that referenced
this issue
Dec 28, 2021
* updating json examples and extended the grpc client example * Deal with Windows line-endings that git introduces * Allow for Windows protoc download * Deal with explicitly shelling out via bash * Unzip on Windows slow to release file handles * fix marshalling error when deleting projects * backfill tests * Add tests on permission checking Add some tests to validate the permission checks on UpdateOccurrence operations. To support the tests, add a allowListAuth test implementation of Auth that just stores a list of allowed project/permission pairs. Two of the tests are documenting incorrect behavior that will be fixed in a later commit. Namely: (1) Updating the NoteName should require NotesAttachOccurrence on the old NoteName (as this is effectively a detach operation). (2) When excluding the NoteName from the update using an UpdateMask, the permission check should be performed against the existing NoteName, not whatever was passed in (and which will be ignored). * Fix permission checks in occurrence update function This commit fixes the permission checks in UpdateOccurrence and updates the tests from the last commit to demonstrate the change. In particular, we now check the NotesAttachOccurrence on the occurrence's existing NoteName before allowing updates. We continue to check the NotesAttachOccurrence on the updated NoteName (if it is different from the existing NoteName whose permission has already been checked). This means that updating an occurrence from one note to another requires NotesAttachOccurrence on both notes. * Changes to v1 proto only * fix the field number of inclusive. * also add changes to v1beta1 * fix typo * Update running_grafeas.md The instructions for using the curl command with the certificate didn't work for me. I got the error message: `curl: (58) unable to set private key file: 'server.pem' type PEM` When I added these additional flags, it worked fine. * add grafeas-elasticsearch to list of backends * Add the vendor field to Vulnerability.Detail * Increase max page size in v1 API: 1k -> 10k. * fixes ARM build * initial commit of grafeas proto * add files generated by running make * Added roadmap and clarifications for architecture * addressing comments on the PR * further comments addressed * Add the non_compliance_reason field to ComplianceOccurrence The field is necessary to support the cases where the benchmark is non-compliant but there are no associated files, like the upcoming SQL checks. * remove unused deps from compliance proto * add COMPLIANCE to note kind * Added SECURITY guidelines * fix: broken link * Add the vendor info to the V1 api. * Initial commit of DSSE Attestation and IntotoProvenance support. * Remove prefix from intotoprovenance * Add generation code. * Add dsse references in grafeas.proto * Fixes in reference to the comments. * Fix common.proto field format * Change names of fields to work around naming conflicts. * Renamed Builder to BuilderConfig, to not conflict with the Java generated Builder class. * Make casing of dsse consistent * Make casing of dsse consistent * Move the package type and effective severity to the PackageIssue level When we are creating vulnerabilities, we may find vulnerabilities for multiple different package types (e.g. OS, Maven, NPM, Go, etc.) on a single Note. Since type is currently on the Vulnerability occurrence level, we need to move it down into the PackageIssue level. Similarly, vulnerabilities issued for different package types (potentially by different vulnerability sources) can have different effective severities. Therefore, this field also needs to be moved down into the PackageIssue level. * Change intoto provenance arguments to be of Any type. * Change intoto provenance arguments to be of Any type. * Fix small typo * Add comment about "Any" * SBOM protos * move spdx proto to v1beta1 and split into seperate files * Add TODO to encapsulate spdx license fields * Change arguments and recipe from []Any to just Any, to more closely follow the spec. * Add SPDX Relationships protos and consolidate SPDX protos into one file. * Remove obsolete SPDX files. * Added fields to PackageInfoOccurrence and RelationshipNote * Created License message * Use License message instead of the string field type * Use annotations for output only fields * Clean up comments for output only fields * Top-level enums should appear ahead of messages * Correction: top-level enums should appear after messages * 1. Add a new type, of type slsa_provenance, which exactly follows the slsa spec (as opposed to the intoto_provenance, which has a few differences). 2. Add slsa_provenance as a predicate type to the intoto_statement 3. Add the intoto_statement to the build type. 4. Change the json serialization of the intoto_statement type to "_type" to follow the spec. * Correct import paths * Keep intoto_provenance as-is. * Cmment out the slsa provenance to see if compilation works. * Fix spelling of deployable * 1. Move intoto_statement to its own file, replacing dsse_attestation and references to it. 2. Add slsa_provenaecn and intoto_statement to generate file. * Add build verification and tests * Keep dsse attestation, just move around intoto_statement to its own file. * Keep dsse attestation with the original statement * Added links for clarification. * Rename Builder message to BuilderConfig * Prepend messages with "Slsa" to avoid naming conflicts in the "grafeas.v1" package. * changes for cvss v3 * Add grafeas-rds to list of backends. * use backticks for strings * regen with protoc 3.11.4 and grpc-gateway 1.19.6 * add v1 proto generated code * preserve original v1 generate.go * regen with v2 and sync with master * add git validation that was done in https://git.vzbuilders.com/maditya/grafeas-orig/pull/3 * add pg filter based on mysql filter * Remove pgsql implementation (#1) All the pgsql specific code will be moved out to tetradio repo, as mentioned upstream in grafeas#341 When we are ready, we can submit this and pgsql code to be merged upstream. * add custom uploader_id and content_hash field for package type (grafeas#2) Co-authored-by: jwang04 <jwang04@verizonmedia.com> * regen with protoc 3.11.4 and grpc-gateway 1.19.6 * add v1 proto generated code * preserve original v1 generate.go * regen with v2 and sync with master * add pg filter based on mysql filter * initial working version * fix kind sql parsing * Remove pgsql implementation (#1) All the pgsql specific code will be moved out to tetradio repo, as mentioned upstream in grafeas#341 When we are ready, we can submit this and pgsql code to be merged upstream. Co-authored-by: greendinosaur <greendinosaur@users.noreply.github.com> Co-authored-by: Sean Dukehart <tomcruise81@users.noreply.github.com> Co-authored-by: Michael Parker <michael@parker.gg> Co-authored-by: wkozlik <61755482+wkozlik@users.noreply.github.com> Co-authored-by: Eric Zimanyi <ezimanyi@google.com> Co-authored-by: Aysylu Greenberg <aysylu@users.noreply.github.com> Co-authored-by: Neetha Sebastian <neethas@google.com> Co-authored-by: Dina Graves Portman <dinagraves@google.com> Co-authored-by: Yinpeng Li <yinpengli@google.com> Co-authored-by: Catherine Jones <31020910+catherinejones@users.noreply.github.com> Co-authored-by: Pietro Ferretti <pferretti@google.com> Co-authored-by: Nolan Emirot <emirot.nolan@gmail.com> Co-authored-by: vyinpengli <mousquetairesyl@gmail.com> Co-authored-by: sherzberg <sherzberg@google.com> Co-authored-by: Nicholas Cho <nickcho2@gmail.com> Co-authored-by: Yousef Alowayed <yousef.alowayed@gmail.com> Co-authored-by: Wiktor Kozlik <wkozlik@google.com> Co-authored-by: Ethan Anderson <eanderson@atlassian.com> Co-authored-by: yzhao02 <yonghe.zhao@verizonmedia.com> Co-authored-by: Aditya Mahendrakar <maditya@verizonmedia.com> Co-authored-by: Junyi Wang <junyi.wang@oath.com> Co-authored-by: jwang04 <jwang04@verizonmedia.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
For consistency with the Grafeas architecture, we'd like to move the PostgreSQL storage implementation to its own project,
grafeas-pgsql.Describe the solution you'd like
grafeas-pgsql.Describe alternatives you've considered
For now, it's part of the Grafeas project, but going forward we'd like to keep the project scope limited to the API.
The text was updated successfully, but these errors were encountered: