Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

As a user I want to differentiate cosign signatures when looking at the image manifests #1751

Open
ipanova opened this issue Aug 30, 2024 · 4 comments
Open

As a user I want to differentiate cosign signatures when looking at the image manifests #1751

ipanova opened this issue Aug 30, 2024 · 4 comments
Assignees
@git-hyagi
Labels
Feature Satellite

Comments

@ipanova
Copy link
Member

ipanova commented Aug 30, 2024
edited
Loading

Is your feature request related to a problem? Please describe.

it might be beneficial to differentiate cosign signature wrapped into a manifest from the rest of the images. It is a similar ask to #1437, as result the manifest will be marked of cosign signature type.

Right now we have 2 fields on the maifest model is_bootable and is_flatpak. Does it make sense to consolidate them into a single field type and have bootable, flatpak, cosign signature, artifact, unknown ( for still unidentified types, that we can gradually add in future with incoming requests).

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context about the feature request here.
@lubosmj
Copy link
Member

lubosmj commented Sep 5, 2024

I am leaning towards the idea of having a single type with different allowed values. We will need to run a migration (that will potentially read config blobs (again)). A new CharField filed (without choices constraints) will be defined on the Manifest table (+type artifact, image, volume, ...).

@ipanova
Copy link
Member Author

ipanova commented Sep 5, 2024
edited
Loading

The only 2 examples i am aware of that would require reading from config blob and look at labels -- is flatpak and bootable containers. We already have performed a migration that would extract this information into is_flatpack and is_bootable fields. So this time you will look at the field directly and not at the parsed config.json file.

For the rest of 'types' we would look at mediaType ( on config/layer) and artifactType which is set on the manifest.json file

@lubosmj
Copy link
Member

lubosmj commented Sep 5, 2024

Is there going to be defined a mapping between mediaTypes and types? Are we the ones who define that? Or, are we going to introduce a setting for that like we did for allowed artifact types?

@ianballou
Copy link
Contributor

From a Pulp user standpoint, having a single type field makes a lot of sense. An image won't be flatpak, bootable, and an artifact at the same time.
In Katello we're looking to also start differentiating if an image is an artifact or not, so we could potentially take this new field and use it directly in our API/UI/etc.

@ianballou ianballou mentioned this issue Sep 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@git-hyagi git-hyagi

Labels
Feature Satellite
Projects
Pulp Container Roadmap
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ipanova @lubosmj @ianballou @git-hyagi