Skip to content

Fix bug uploading slsa-provenance attestations to oci#255

Merged
tekton-robot merged 1 commit into
tektoncd:mainfrom
priyawadhwa:fix-intoto-oci
Oct 10, 2021
Merged

Fix bug uploading slsa-provenance attestations to oci#255
tekton-robot merged 1 commit into
tektoncd:mainfrom
priyawadhwa:fix-intoto-oci

Conversation

@priyawadhwa

Copy link
Copy Markdown
Contributor

We were incorrectly parsing the image name because the subject wasn't in the OCI image reference format.

Based on docs, I think that is an acceptable format for these attestations, so I'm switching it to match the tekton-provenance subjects. This should fix the bug.

Fixes #253

@tekton-robot tekton-robot requested review from dlorenc and font October 8, 2021 20:07
@tekton-robot tekton-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 8, 2021
@tekton-robot

Copy link
Copy Markdown

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/intotoite6.go 93.5% 93.7% 0.2

@dlorenc

dlorenc commented Oct 8, 2021

Copy link
Copy Markdown
Contributor

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Oct 8, 2021
@dlorenc

dlorenc commented Oct 8, 2021

Copy link
Copy Markdown
Contributor

/approve

@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dlorenc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 8, 2021
We were incorrectly parsing the image name because the subject wasn't in the OCI image reference format.

Based on docs, I think that is an acceptable format for these attestations, so I'm switching it to match the tekton-provenance subjects. This should fix the bug.
@tekton-robot tekton-robot removed the lgtm Indicates that a PR is ready to be merged. label Oct 8, 2021
@tekton-robot

Copy link
Copy Markdown

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/intotoite6.go 93.5% 93.7% 0.2

@dlorenc

dlorenc commented Oct 10, 2021

Copy link
Copy Markdown
Contributor

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Oct 10, 2021
@tekton-robot tekton-robot merged commit 24c560f into tektoncd:main Oct 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Unable to upload provenance data to OCI while using in-toto format

3 participants