-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add user-facing doc "SLSA Provenance" #913
Conversation
fda2c70
to
0ba06d7
Compare
cc @chitrangpatel @wlynch @lcarva PTAL. Any feedback would be appreciated! Thanks |
0855525
to
66d9065
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for putting this together!
This looks like a mix between the existing type hinting docs and tutorials that include lifecycle information. 🤔
I'd like to avoid duplicating / fragmenting docs if we can. I think most of this information is already present in https://github.com/tektoncd/chains/blob/main/docs/intoto.md. Can we consolidate these docs together?
Yeah, type hinting is also mentioned in https://github.com/tektoncd/chains/blob/main/docs/config.md#chains-type-hinting. I'll consolidate those docs
|
66d9065
to
e239ef3
Compare
e239ef3
to
832ec6d
Compare
Hi @wlynch, I've cleaned up the docs. PTAL. It turns out the I also added a reference to the build type doc that @chitrangpatel is working on in #906. |
e13acb8
to
36763a8
Compare
docs/how-to-chain-with-pipeline.md
Outdated
- SLSA v1.0 provenance: `slsa/v2alpha2` | ||
- SLSA v0.2 provenance: `slsa/v1` or `in-toto` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Table-ify this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is where it would make sense to include links to the different slsa spec docs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Table-ify this
Done!
This is where it would make sense to include links to the different slsa spec docs
SGTM.
@chitrangpatel Assume this PR might be merged first, could you please add link to spec doc once #906 is merged? Thanks
abff964
to
c4f3956
Compare
@wlynch Thank you for taking your time to review. I've incorporated all of your suggestions. Please take another look and let me know if you have any other comments/questions. Thanks again! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM besides a link fix!
f4c9ff6
to
1d35673
Compare
/test pull-tekton-chains-integration-tests |
/approve |
1d35673
to
9614eae
Compare
Fixes tektoncd#786 The doc includes instruction on how to configure a pipeline/task so that Tekton Chains can generate provenance properly. Signed-off-by: Chuang Wang <[email protected]>
9614eae
to
2530dcb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chitrangpatel, wlynch The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Changes
Fixes #786
The doc includes instruction on how to configure a pipeline/task so that Tekton Chains can generate SLSA provenance properly.
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
functionality, content, code)
Release Notes