CNAB Security 300 #253
Conversation
This is a great start, thanks a lot for putting this together, @trishankatdatadog!
I have a few comments, mainly about wording.
As per our conversation, I would propose the following:
- renaming repositories to metadata repositories, in order to avoid confusion with image repositories (a term which already has a meaning for containers).
- suggest the possibility of using a single metadata repository (trusted collection in TUF) for a project, which could contain signed bundle and image metadata, together with relevant in-toto metadata.
- suggest / propose (but not impose) a scaffolding for the project layout, with a root layout that describes the bundle provenance, and optional sublayouts for the components referenced in the bundle.
- introduce the idea of verification images (similar to invocation images): container images that define the environment where the in-toto verification would take place at runtime.
Thanks a lot for starting this discussion!
Okay, I've decided to split everything up, and am using 300 as a roadmap. The pieces are as follows:
More to come. Stay tuned!
Reads great; only a few typos/suggestions.
Thanks for your feedback @vdice!
410faca to cd5f449
Commits in this push (all signed off by Trishank K Kuppusamy; other authors noted where different):
- overview and table of contents
- move some text around
- better TOC; abstract; introduction
- fix small grammar issue
- introduce repos
- add some TODOs about image repos
- some clarifications(?)
- break things up a bit
- simplifying assumption: one image registry <=> one image repo
- minor language edits
- WIP on traditional img repos
- WIP
- expand ToC
- defer community image repos
- some minor fixes
- introduce idea of gradual security
- add section on gradual security
- WIP
- end here today
- separate security analysis
- move things around a bit
- wrap up traditional img repos
- add a sentence
- mention PEPs 458 & 480 for community img repos
- add a reference
- draft of signing workflows
- minor language edits
- defer a few things
- one more thing to defer for now
- add some important considerations
- minor edits
- Clarify why bundle.json is mounted in the invocation image (cnabio#228): clarify why bundle.json is mounted in the invocation image; remove link
- add a CNAB Registry icon (cnabio#232): ![cnab-registry](https://user-images.githubusercontent.com/686194/61753147-2b387a80-ad63-11e9-8a63-f250bcdf06b0.png) Adds a registry icon, which is a variant of the main CNAB logo.
- add a CNAB Security icon (cnabio#231)
- Remove the `immutable` attribute from parameters: this removes the `immutable` attribute from parameters per Issue cnabio#229
- Remove wording about immutable parameters
- Remove fields from outputs (Radu M)
- fix(claim.schema.json): s/underay/underway
- fix(claim.schema.json): s/descripton/description
- Adds information about the Specification Freeze (cnabio#238)
- Update 103-bundle-runtime.md: s/Instance/Installation
- massively simplify 300
- terminology updates
- more fine-grained security levels
- KISS: break up metadata repositories, signing, verification
- fix(400-claims.md): add mention of the custom field in a claim (cnabio#255)
- Update README.md (cnabio#260): remove the OCI mailing list info
- Update definitions schema to use a bespoke JSON Schema Version (cnabio#257): update definitions schema to use integer, remove `number` as a type (fixes cnabio#256); incorporate suggestion
- fix: corrected a typo (Matt Butcher)
- clearify wording on writeOnly (Matt Butcher)
- clarify what to do when multiple invocation images match a pattern (Matt Butcher)
- fix: clarify the wording on stateless actions (Matt Butcher)
- Add clarification to `readOnly` definition
- Clarify parameters are encoded as json strings
- Clarify defaults for outputs and parameters (cnabio#270): clarify how required and default interact; clarify output defaults
- Removed extra were
- explain how claims treat parameters and credentials differently, and why (cnabio#267) (Matt Butcher)
- Update contentDigest wording to clarify behavior (cnabio#261): update contentDigest wording to clarify behavior (fixes cnabio#254); update markup for contentDigest; update comments
- Clarify upgrade version handling responsibility (Christopher Crone)
- Improve wording (Christopher Crone)
- Fix OWF Contributor License Agreement link (cnabio#276)
- Clarify failed action handling (cnabio#274) (Christopher Crone)
- CNAB Core 1.0 GA: this commit marks the Working Group Acceptance (GA) of the CNAB Core 1.0 specification. (Matt Butcher)
- Final Approval for CNAB Core 1.0 Specification: this commit indicates that the CNAB specification is now a published final version.
- Update README.md (co-authored by Carolyn Van Slyck)
- Update 100-CNAB.md (co-authored by Carolyn Van Slyck)
- Add mailing list (cnabio#283)
- Bump bundle schemaVersion to 1.0.0 (cnabio#278) (Christopher Crone)
- Update 103-bundle-runtime.md: fixing the misleading description in the example of setting parameter value in file.
- Define host environment (Matt Butcher)
- Make status.json a CNAB Output
- fix: remove an unnecessary section (Matt Butcher)
- add bundleReference to the claim specification (Matt Butcher)
- Update 400-claims.md (co-authored by Glyn Normington)
- address @vdice feedback
- remove .gitignore
- fix links per @chris-crone feedback
249975b to c5da9e9
Could @vdice or @chris-crone please 👀, ✅, and merge? Thanks!
LGTM 🎉
Major TODOs:
Minor TODOs:
Sub-PRs: