Ratify v2 design

[binbin-li]

What would you like to be added?

Features:

• Parity features in CLI
  • KMP and KMP configuration in Verifiers
  • Support auth with cloud providers
  • New command to list all configured plugins
• Parity features in standalone service
  • Same as CLI
  • Dynamically configurable.
• Support multiple auth providers in oras store
• CRD validating/defaulting/conversion webhook

Refactoring:

• Refactor Policy workflow to decouple from executor.
  • If we want to keep supporting config policy, would need to fix limitations/bugs in config policy enforcer.
  • Standardize the ED response and verifier reports format.
• Cache Refactoring
  • Remove Dapr but directly access Redis for HA scenario.
  • Share cache among main process and external plugins.
    • Don't share cache.
    • Use some IPC mechanism or mmap to consolidate cache managment.
    • Stop using cache in external plugins.
• Reorganize project structure.
  • Move external plugin implementation to separate repo.
  • Reorganize repo to separate core framework, CLI, Standalone service and K8s service.

Deprecation:

• Deprecate CertificateStore CRD
• Deprecate legacy cosign verifier
• Deprecate legacy LicenseChecker verifier
• Uniform all plugins to correctly reference name and type fields.

Anything else you would like to add?

No response

Are you willing to submit PRs to contribute to this feature?

• Yes, I am willing to implement it.

[susanshi]

would we refactor our tests to move external plugins tests along with plugin move?