add transparency log search ui provided by chainguard team#632
Conversation
|
Hi @developer-guy. Thanks for your PR. I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
I think we need to explain that this service has no SLOs, so there will be no guarantee that it will always be up and running ☝️ |
|
I would recommend against this. The Rekor Search UI is experimental, unsupported, and reserves the right to go away at any time without warning. By contrast, labels are forever. If folks want to document how to look up a Rekor entry in the UI based on existing annotations on resources, that seems fine. If the Rekor UI goes away we can update docs easier than we can update labels for all these resources in every cluster. |
|
@developer-guy, based on @imjasonh's comment I think including the Rekor UI URL is not something we want to add to Chains. Would you be interested in changing the approach of this PR to instead add docs? |
that'd be great @lcarva, I'll replace the PR's content with a documentation update, thanks. |
568209f to
800edf1
Compare
|
|
||
| ### Better Way Of Navigating in Transparency Log with rekor-search-ui | ||
|
|
||
| There is an already annotation in the `TaskRun` or `PipelineRun,` which is `chains.tekton.dev/transparency`, which contains the transparency log entry ID and this can be used to navigate to the transparency log entry over an API, but if you prefer to use a UI, you can use [rekor-search-ui](https://github.com/chainguard-dev/rekor-search-ui), which is a simple UI for searching and viewing transparency log entries. |
There was a problem hiding this comment.
Maybe this sentence can be tighten up a little bit. Consider:
The
chains.tekton.dev/transparencyannotation onTaskRunandPipelineRunresources holds the URL to access the transparency log entry via Rekor's API. It is also possible to view the log entry via Rekor's web interface.
There was a problem hiding this comment.
Cool, I've updated it accordingly
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
800edf1 to
1944e91
Compare
|
/retest |
|
Hmm. It looks like a random failure on e2e tests:
Unfortunately, I don't have access to re-run those tests. |
|
kindly ping @lcarva |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lcarva The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/ok-to-test |
Signed-off-by: Batuhan Apaydın batuhan.apaydin@trendyol.com
Changes
Add new annotation that provides a UI for searching transparency log
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
functionality, content, code)
Release Notes
/cc @wlynch @priyawadhwa @imjasonh