Add Reference field type #133
Conversation
marcelamelara
force-pushed
the
ref-field-type
branch
3 times, most recently
from
eb4c2b5 to
5a92825
Compare
marcelamelara
force-pushed
the
ref-field-type
branch
from
5a92825 to
e387c64
Compare
|
@TomHennen Yes! So I wanted to figure out what the best order of operations is between this merging PR and #132. I think we should merge yours first, and I'll rebase on that then. Thoughts? |
|
Yeah that sounds right. :) |
marcelamelara
force-pushed
the
ref-field-type
branch
3 times, most recently
from
05d7cee to
1a5c857
Compare
Signed-off-by: Marcela Melara <[email protected]>
marcelamelara
force-pushed
the
ref-field-type
branch
from
1a5c857 to
7b5438f
Compare
Signed-off-by: Marcela Melara <[email protected]>
|
@MarkLodato you might have thoughts here |
There was a problem hiding this comment.
What is the purpose of this change? What use case is this enabling that cannot be done before? That is not explained in the PR description, and it's not clear to me.
As I have said previously, I think the clearest, simplest model is that an attestation is about an immutable thing that can be hashed. Extending it to represent a subject that is mutable makes it more confusing. Before going down that road, I'd like to see what the use case is and consider what the alternatives are.
I'm not the expert in what's going on with SLSA, but I think a good example of an attestation about something that can't be hashed is a statement that refers to a builder ID. I could imagine: "subject": [{"uri": "https://cloudbuild.googleapis.com/GoogleHostedWorker@v1"}],
"predicateType": "https://example.com/slsa-build-level",
"predicate": {
"attestorId": "https://slsa-conformance.dev",
"slsaLevel": "LEVEL_3"
}Which says that |
|
@MarkLodato My main reasoning for changing the subject's type is to enable verifiers to download the subject if they do not obtain the attestation together with the subject artifact. My initial proposal in #117 included only the @TomHennen In your example, does the URI for the builderID actually point to an underlying artifact? |
No not necessarily,. If we want to go the easy route we could:
I think this would unblock all the current concrete needs? |
|
@TomHennen I'm starting to think it might be worth handling artifact and service references (like the one in your example) through separate field types. Since the current |
|
That sounds good to me. |
|
To clarify, my only main concern is semantics of the "The attestation is bound to either As an analogy, consider car ownership. The title is like an attestation whose subject is the VIN. There are lots of other identifying details about the car in the title, such as the make, model, color, weight, etc., but the only thing "binding" is the VIN. When you want to look up a car's ownership, you only compare the car's VIN to the title's VIN. The other attributes are irrelevant (though useful in other contexts). Similarly, if you're referring to a car, you might say "That red Honda CR-V located on that side of the street, with license plate ABCXYZ and VIN 1234"; this has useful information in it, but only the VIN is used to compare to the title. |
Signed-off-by: Marcela Melara <[email protected]>
|
@MarkLodato Thanks for the clarification and language suggestions. I've pushed some updates based on our discussions. For now, we've decided to defer changing the |
marcelamelara
force-pushed
the
ref-field-type
branch
from
212e9f4 to
5a37cff
Compare
…tifacts Signed-off-by: Marcela Melara <[email protected]>
marcelamelara
force-pushed
the
ref-field-type
branch
from
5a37cff to
55f33ac
Compare
…to#133 Signed-off-by: Marcela Melara <[email protected]>
…to#133 Signed-off-by: Marcela Melara <[email protected]>
…to#133 Signed-off-by: Marcela Melara <[email protected]>
|
Closing in favor of #143. |
This PR adds a new primitive field type for artifact references.
and changes the type of the subject field in the Statement to this new type.Related to #2 and #27. Addresses #117. Part of #130 .