Hector Fernandez comments

Results 189 comments of


                                            Hector Fernandez

Allow overriding webhook controller options

@pierDipi I extended the previous work from @dprotaso to be used by all the webhook types https://github.com/knative/pkg/compare/main...hectorj2f:pkg:defaulting-options?expand=1. Also I believe it makes more sense to add the ControllerOptions as an...

Allow using a TSA instead of Rekor to validate certs

Closing this issue! We added support for this feature request.

Should be worrying about ephemeral containers

Closing this issue! Yes, we have to worry about ephemeral containers. We also added support for those in the sigstore/policy-controller.

Show SBOM package IDs in Grype output formats

Generally I'd expect it to be `Package-java-archive-log4j-cc19cc6120e2ffa6` or even `SPDXRef-Package-java-archive-log4j-cc19cc6120e2ffa6`.

TX rollback error: sql: transaction has already been committed or rolled back

Is there any way to increase the verbosity of these errors ? So we can troubleshoot them ourselves. I checked our deployment and saw that `--tracing=true` is enabled.

Feature: Enable package signature validation with cosign

@jessesanford We are currently working on reusing the current effort of sigstore/cosigned to verify signatures even using the CLI. I am not sure if that would help you but here...

pipelines/ruby: add support to install all the required runtime deps from a gemspec

cc @rawlingsj

Add a new go pipeline to only manage deps

I feel we could extend this pipeline to support `go mod edit` calls in the future.

Add support to provide search capabilities for the stored artifacts

@SteveLasker Yes, I'll have a look at the current examples and build something from it.

Avoid using map collections in the json output

Wouldn't it be possible for us to change the FileReport struct to use an array of Behavior instead of a map[string]Behavior ? I am trying to use the JSON output...