Skip to content

Add Hash equal schema for GraphQL#442

Merged
kodiakhq[bot] merged 3 commits intoguacsec:mainfrom
pxp928:hash-equal-schema
Feb 13, 2023
Merged

Add Hash equal schema for GraphQL#442
kodiakhq[bot] merged 3 commits intoguacsec:mainfrom
pxp928:hash-equal-schema

Conversation

@pxp928
Copy link
Copy Markdown
Collaborator

@pxp928 pxp928 commented Feb 13, 2023
edited
Loading

Add in the Hash Equal attestation for graphQL:

HashEqual:

  • Description: attestation that the artifact is equal to another artifact (for example SHA1 and SHA256 represent the same artifact) with a justification.

  • Subject: artifact

  • Object: is_equal ( artifact )

  • Properties: justification ( string )
    source ( string )
    collector ( string )

fragment allHashEqualTree on HashEqual {
  justification
  artifacts {
    algorithm
    digest
  }
  origin
  collector
}

query Q1 {
  HashEquals(hashEqualSpec: {}) {
    ...allHashEqualTree
  }
}

query Q2 {
  HashEquals(hashEqualSpec: {origin: "testing backend"}) {
    ...allHashEqualTree
  }
}

query Q3 {
  HashEquals(
    hashEqualSpec: {artifacts: [{algorithm: "sha1", digest: "7a8f47318e4676dacb0142afa0b83029cd7befd9"}]}
  ) {
    ...allHashEqualTree
  }
}

query Q4 {
  HashEquals(
    hashEqualSpec: {artifacts: [{algorithm: "sha256", digest: "89bb0da1891646e58eb3e6ed24f3a6fc3c8eb5a0d44824cba581dfa34a0450cf"}]}
  ) {
    ...allHashEqualTree
  }
}

query Q5 {
  HashEquals(
    hashEqualSpec: {artifacts: [{algorithm: "sha256", digest: "6bbb0da1891646e58eb3e6a63af3a6fc3c8eb5a0d44824cba581d2e14a0450cf"}]}
  ) {
    ...allHashEqualTree
  }
}

query Q6 {
  HashEquals(
    hashEqualSpec: {artifacts: [{algorithm: "sha512", digest: "374ab8f711235830769aa5f0b31ce9b72c5670074b34cb302cdafe3b606233ee92ee01e298e5701f15cc7087714cd9abd7ddb838a6e1206b3642de16d9fc9dd7"}]}
  ) {
    ...allHashEqualTree
  }
}

@pxp928
inital commit
61fb4d6 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
Copy link
Copy Markdown
Collaborator Author

pxp928 commented Feb 13, 2023

@lumjjb, @mihaimaruseac, @mlieberman85 looking for feedback on improvements or missing features.

lumjjb
lumjjb reviewed Feb 13, 2023
View reviewed changes
Comment thread pkg/assembler/graphql/schema/hashEqual.graphql Outdated
@pxp928 pxp928 force-pushed the hash-equal-schema branch 3 times, most recently from 2240edf to 0a8f4b8 Compare February 13, 2023 19:14
@pxp928 pxp928 requested a review from lumjjb February 13, 2023 19:15
@pxp928
Copy link
Copy Markdown
Collaborator Author

pxp928 commented Feb 13, 2023

Ready for review

@pxp928
add unimplemented backend for neo4j
f8d8875 
Signed-off-by: pxp928 <parth.psu@gmail.com>
mlieberman85
mlieberman85 reviewed Feb 13, 2023
View reviewed changes
Comment thread pkg/assembler/backends/testing/backend.go
@pxp928
removed nested if statement
2cbbe47 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928 pxp928 requested a review from mlieberman85 February 13, 2023 22:16
mlieberman85
mlieberman85 approved these changes Feb 13, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@mlieberman85 mlieberman85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kodiakhq kodiakhq Bot merged commit acad3d7 into guacsec:main Feb 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mihaimaruseac mihaimaruseac mihaimaruseac approved these changes

@mlieberman85 mlieberman85 mlieberman85 approved these changes

@lumjjb lumjjb Awaiting requested review from lumjjb

Assignees

No one assigned

Labels

size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pxp928 @mihaimaruseac @mlieberman85 @lumjjb