Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce OCI artifacts signatures #296

Merged
merged 11 commits into from
Jul 10, 2023

Conversation

maxgio92
Copy link
Member

@maxgio92 maxgio92 commented Jun 23, 2023

What type of PR is this?

/kind feature

Any specific area of the project related to this PR?

/area registry
/area build

What this PR does / why we need it:

To provide signatures for the plugin OCI artifacts, as OCI artifacts, with cosign.

Which issue(s) this PR fixes:

Fixes #244

Special notes for your reviewer:

This is part of the work for providing signatures for Falco artifacts, alongside:

@maxgio92 maxgio92 changed the title Introduce OCI artifacts signatures wip: Introduce OCI artifacts signatures Jun 23, 2023
@poiana poiana requested review from jasondellaluce and leogr June 23, 2023 09:57
@poiana poiana added the size/XL label Jun 23, 2023
@maxgio92 maxgio92 force-pushed the feat/registry-print-status branch from ee5ac2a to ee8b2b3 Compare June 24, 2023 12:58
@maxgio92 maxgio92 changed the title wip: Introduce OCI artifacts signatures Introduce OCI artifacts signatures Jun 30, 2023
@maxgio92 maxgio92 marked this pull request as ready for review June 30, 2023 09:26
@maxgio92
Copy link
Member Author

Ready to be reviewed @falcosecurity/plugins-maintainers

if: ${{ needs.publish-oci-artifacts.outputs.matrix != '[]' }}
strategy:
matrix:
value: ${{ fromJson(needs.publish-oci-artifacts.outputs.matrix) }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is awesome 🤩

@LucaGuerra
Copy link
Contributor

I was able to test artifacts produced with this workflow along with my falcoctl patch linked in this PR and it works! :)

Copy link
Member

@alacuku alacuku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @maxgio92. Left some minor comments.

return err
pa, ra, err := handleArtifact(ctx, cfg, &plugin, s3Client, ociClient)
if err != nil {
return artifacts, err
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we return nil? Do we use partial results in case of error?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @alacuku, I think it would be useful to provide them, as at the end of the day, the previous successful handle runs, if any, would be successful. WDYT?

// Clean up
if err := os.RemoveAll(plugin.Name); err != nil {
return fmt.Errorf("unable to remove folder %q: %v", plugin.Name, err)
return artifacts, fmt.Errorf("unable to remove folder %q: %v", plugin.Name, err)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here.

@poiana
Copy link
Contributor

poiana commented Jul 10, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alacuku, leogr, maxgio92

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit 513968f into falcosecurity:master Jul 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Provide signatures for plugins when distributed as OCI artifacts
5 participants