chains icon indicating copy to clipboard operation
chains copied to clipboard
verified publisher icon tektoncd

Grafeas storage for PipelineRun-level provenance

Open chuangw6 opened this issue 3 years ago • 5 comments

Changes

Support storing pipelinerun level provenance in grafeas backend.

There are 3 main aspects of the PR:

  • created different BUILD Notes for storing both taskrun and pipelinerun level provenance/occurrence in grafeas that attest the same artifact.
  • extracted artifact identifiers from intoto subjects instead of calling individual helpers to extract from results.
  • changed TektonObject "GetKind" method to "GetGVK" to get the whole GroupVersionKind information.

Signed-off-by: Chuang Wang [email protected]

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • [ ] Has Docs included if any changes are user facing
  • [ ] Has Tests included if any functionality added or changed
  • [ ] Follows the commit message standard
  • [ ] Meets the Tekton contributor standards (including functionality, content, code)
  • [ ] Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
  • [ ] Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

Support Grafeas storage for PipelineRun level provenance

chuangw6 avatar Oct 05 '22 13:10 chuangw6

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

tekton-robot avatar Oct 05 '22 14:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 07 '22 21:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 07 '22 22:10 tekton-robot

This PR is ready for review. Please take a look @wlynch, @jagathprakash, @lcarva when you get a chance. Thank you very much for your time and feedback in advance!

chuangw6 avatar Oct 11 '22 14:10 chuangw6

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 17 '22 14:10 tekton-robot

Mostly LGTM!

Just some small tweaks.

Hey @wlynch, Thank you so much for reviewing the PR. I've incorporated all the comments in the recent change except the unresolved one. Please take a look and let me know what you think. Happy to change accordingly. Also for other resolved comments, feel free to reopen if you have more comments. Thank you very much!

chuangw6 avatar Oct 17 '22 14:10 chuangw6

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 17 '22 17:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 50.0%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 18 '22 17:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 50.0%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.4% -0.9

tekton-robot avatar Oct 18 '22 18:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 51.4%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 79.3% 78.0% -1.3

tekton-robot avatar Oct 18 '22 18:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 51.4%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 18 '22 19:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 51.4%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 74.6% 75.8% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 18 '22 19:10 tekton-robot

/assign @wlynch

added you as assignee. Thank you for the thorough review!!

chuangw6 avatar Oct 19 '22 20:10 chuangw6

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 48.8%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 75.4% 76.5% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 20 '22 14:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 41.9%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 75.4% 76.5% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 20 '22 19:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 41.9%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 75.4% 76.5% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 20 '22 20:10 tekton-robot

The following is the coverage report on the affected files. Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/chains/formats/intotoite6/extract/extract.go Do not exist 41.9%
pkg/chains/formats/intotoite6/taskrun/taskrun.go 75.4% 76.5% 1.1
pkg/chains/storage/grafeas/grafeas.go 78.8% 77.4% -1.4

tekton-robot avatar Oct 20 '22 20:10 tekton-robot

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: wlynch

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

tekton-robot avatar Oct 21 '22 22:10 tekton-robot