Set the StorageOpts's key for OCI artifact to be the full identifier

[chuangw6]

Feature request

There is a clear need in Grafeas backend storage to get the full identifier for an OCI artifact, that is IMAGE_URL@IMAGE_DIGEST.

Currently, the StorageOpts key is set to be just the first 12 chars of the digest for OCI artifact. That means in grafeas backend implementation, we have to do some extra work to loop over all the images generated from a taskrun, and compare the first 12 chars of every single image's digest to the key field of StorageOpts in order to find the full representation IMAGE_URL@IMAGE_DIGEST. That's not good.

Therefore, it would be great if the StorageOpts key is set to be the full representation IMAGE_URL@IMAGE_DIGEST for OCI artifact beforehand instead of just first 12 chars of the digest.

Use case

When creating grafeas occurrences, we need to set the resourceUri field to be the full path of an image.

Thanks @wlynch for the idea.

[wlynch]

This sounds fine - I'll need to dig in a bit more to see how this is referenced in other places, but refactoring how this is passed around within chains so that Grafeas can have access to the full digest sgtm.

[chuangw6]

/close because this is fixed by https://github.com/tektoncd/chains/pull/589

[tekton-robot]

@chuangw6: Closing this issue.

In response to this:

/close because this is fixed by https://github.com/tektoncd/chains/pull/589

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.