Skip to content
This repository has been archived by the owner on Nov 22, 2024. It is now read-only.

policy engine: Execution of YAML workflows #48

Conversation

johnandersen777
Copy link

@johnandersen777 johnandersen777 commented Aug 7, 2024

- Working with SSH authorized_keys and OIDC style jwks
  - CWT decode
  - COSESign1.verify_signature
  - Working registration policy

Signed-off-by: John Andersen <[email protected]>
$ git ls-files '*.py' | xargs autoflake --in-place --remove-all-unused-imports --ignore-init-module-imports

Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
…lic key resolvers tested seperatly

Signed-off-by: John Andersen <[email protected]>
… based policy engine. TODO Receipts with attestations for SLSA L4

NO_CELERY=1 GITHUB_TOKEN=$(gh auth token) nodemon -e py --exec 'clear; python -m pytest -s -vv scitt_emulator/policy_engine.py; test 1'

jsonschema -i <(cat request.yml | python -c 'import json, yaml, sys; print(json.dumps(yaml.safe_load(sys.stdin.read()), indent=4, sort_keys=True))') <(python -c 'import json, scitt_emulator.policy_engine; print(json.dumps(scitt_emulator.policy_engine.PolicyEngineRequest.model_json_schema(), indent=4, sort_keys=True))')

Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
pdxjohnny and others added 20 commits March 23, 2024 22:02
Signed-off-by: John Andersen <[email protected]>
Working with litellm[proxy]@2f0a9aa17d5291d91e9dac196b72334bbb0eaf2a

Signed-off-by: John Andersen <[email protected]>
…do not set new key when within current key

Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
Signed-off-by: John Andersen <[email protected]>
@johnandersen777 johnandersen777 force-pushed the policy_engine_cwt_rebase branch from fdaf1e2 to ab60710 Compare August 19, 2024 16:42
@SteveLasker
Copy link
Contributor

Thank you @pdxjohnny. This repo flushed out a number of scenarios to enable the group to make progress.
At this point, the repo has become out of date with the drafts and we've shifted to production implementations making this repo more confusing to folks looking to engage.
We'll archive this repo for reference of the work.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants