Skip to content

add transparency log search ui provided by chainguard team#632

Merged
tekton-robot merged 1 commit into
tektoncd:mainfrom
developer-guy:feature/576
Jan 26, 2023
Merged

add transparency log search ui provided by chainguard team#632
tekton-robot merged 1 commit into
tektoncd:mainfrom
developer-guy:feature/576

Conversation

@developer-guy

Copy link
Copy Markdown
Contributor

Signed-off-by: Batuhan Apaydın batuhan.apaydin@trendyol.com

Changes

Add new annotation that provides a UI for searching transparency log

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • Has Docs included if any changes are user facing
  • Has Tests included if any functionality added or changed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including
    functionality, content, code)
  • Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
  • Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

add transparency log search ui provided by chainguard team

/cc @wlynch @priyawadhwa @imjasonh

@tekton-robot tekton-robot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 30, 2022
@tekton-robot

Copy link
Copy Markdown

Hi @developer-guy. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@developer-guy

Copy link
Copy Markdown
Contributor Author

I think we need to explain that this service has no SLOs, so there will be no guarantee that it will always be up and running ☝️

@imjasonh

Copy link
Copy Markdown
Member

I would recommend against this. The Rekor Search UI is experimental, unsupported, and reserves the right to go away at any time without warning. By contrast, labels are forever.

If folks want to document how to look up a Rekor entry in the UI based on existing annotations on resources, that seems fine. If the Rekor UI goes away we can update docs easier than we can update labels for all these resources in every cluster.

@lcarva

lcarva commented Jan 18, 2023

Copy link
Copy Markdown
Contributor

@developer-guy, based on @imjasonh's comment I think including the Rekor UI URL is not something we want to add to Chains. Would you be interested in changing the approach of this PR to instead add docs?

@developer-guy

Copy link
Copy Markdown
Contributor Author

@developer-guy, based on @imjasonh's comment I think including the Rekor UI URL is not something we want to add to Chains. Would you be interested in changing the approach of this PR to instead add docs?

that'd be great @lcarva, I'll replace the PR's content with a documentation update, thanks.

@developer-guy developer-guy force-pushed the feature/576 branch 2 times, most recently from 568209f to 800edf1 Compare January 19, 2023 09:24
@tekton-robot tekton-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 19, 2023
@developer-guy

Copy link
Copy Markdown
Contributor Author

Kindly ping @imjasonh @lcarva @wlynch, I've updated the documentation and removed the updates within the codebase.

Comment thread docs/sigstore.md Outdated

### Better Way Of Navigating in Transparency Log with rekor-search-ui

There is an already annotation in the `TaskRun` or `PipelineRun,` which is `chains.tekton.dev/transparency`, which contains the transparency log entry ID and this can be used to navigate to the transparency log entry over an API, but if you prefer to use a UI, you can use [rekor-search-ui](https://github.com/chainguard-dev/rekor-search-ui), which is a simple UI for searching and viewing transparency log entries.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this sentence can be tighten up a little bit. Consider:

The chains.tekton.dev/transparency annotation on TaskRun and PipelineRun resources holds the URL to access the transparency log entry via Rekor's API. It is also possible to view the log entry via Rekor's web interface.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool, I've updated it accordingly

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
@developer-guy developer-guy requested review from lcarva and removed request for imjasonh, priyawadhwa and wlynch January 19, 2023 15:15
@lcarva

lcarva commented Jan 19, 2023

Copy link
Copy Markdown
Contributor

/retest

@lcarva

lcarva commented Jan 19, 2023

Copy link
Copy Markdown
Contributor

Hmm. It looks like a random failure on e2e tests:

curl: (22) The requested URL returned error: 503

Unfortunately, I don't have access to re-run those tests.

@developer-guy

Copy link
Copy Markdown
Contributor Author

kindly ping @lcarva

@lcarva lcarva left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Jan 23, 2023
@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lcarva

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 23, 2023
@wlynch wlynch removed the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jan 26, 2023
@wlynch

wlynch commented Jan 26, 2023

Copy link
Copy Markdown
Member

/ok-to-test

@tekton-robot tekton-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Jan 26, 2023
@tekton-robot tekton-robot merged commit 0eb541d into tektoncd:main Jan 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants