Priya Wadhwa

Improving Sharding Downtime

9

Right now, sharding the log requires about 10-20 minutes of downtime. Sharding process currently looks like this: 1. Create a new trillian tree 2. Mark the current tree as frozen...

We could consider using the JWKS format for the rekor public keys, which would be useful if we want to send multiple keys to a user. This could be nice...

A list of things we want to do before releasing 1.0: - [x] https://github.com/tektoncd/chains/issues/204 - [x] https://github.com/tektoncd/chains/issues/203 - [x] https://github.com/tektoncd/chains/issues/191 - [x] https://github.com/tektoncd/chains/issues/190 - [x] https://github.com/tektoncd/chains/issues/166 - [x] https://github.com/tektoncd/chains/issues/156 -...

Grafeas unit tests are flaky

9

The grafeas `[pkg/chains/storage/grafeas TestBackend_ListOccurrences]` unit test is flaky: ``` grafeas_test.go:85: Wrong list of occurrences received for empty filter, got= (*grafeas_go_proto.ListOccurrencesResponse)(Inverse(protocmp.Transform, protocmp.Message{ })) ``` an [example failure log](https://tekton-releases.appspot.com/build/tekton-prow/pr-logs/pull/tektoncd_chains/420/pull-tekton-chains-unit-tests/1517164418503282689/) provided. cc @chuangw6...

Sign other types of artifacts

11

Right now we only sign TaskRuns and OCI Images, but it would be cool to give users a way to sign other types of results (binaries, files, whatever)

Consider renaming `IMAGE_URL`/`IMAGE_DIGEST` type hints to `ARTIFACT_NAME`/`ARTIFACT_DIGEST`

10

When generating provenance from a `TaskRun` [Chains looks for](https://github.com/tektoncd/chains/blob/main/docs/config.md#chains-type-hinting) `*IMAGE_URL` and `*IMAGE_DIGEST` results types to figure out what artifact was actually built. This is what goes into the [subject](https://github.com/tektoncd/chains/blob/main/PROVENANCE_SPEC.md#schema) section...

Currently, we can't cross compile darwin on linux because it uses CGO. I think we could remove CGO entirely from that file and replace the current GetExecutablePath() function with: ```go...

Review unit and integration tests

3

Some things we could do here to make sure we have good test coverage: - [ ] Make sure unit tests are thorough - [ ] Reorganize integration tests (they're...

Add Rekor 1.0 CHANGELOG

2

Signed-off-by: Priya Wadhwa ref https://github.com/sigstore/rekor/issues/1005 #### Summary #### Release Note #### Documentation

Pre-release is out! We want to release Rekor 1.0 at 45f17ce35901b0439c468f248b7121de001eb7da to include a change to rekor-cli which wasn't included in the pre-release. A tracking issue for Rekor 1.0 Items...