Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: create image policy types and CRDs #1417

Closed
kkavitha opened this issue Feb 7, 2022 · 6 comments · Fixed by #1540 or #1548
Closed

feature: create image policy types and CRDs #1417

kkavitha opened this issue Feb 7, 2022 · 6 comments · Fixed by #1540 or #1548
Assignees
@kkavitha
Labels
enhancement New feature or request

Comments

@kkavitha
Copy link
Contributor

kkavitha commented Feb 7, 2022
edited
Loading

Associated doc: https://docs.google.com/document/d/1gBLEOOHWOmvHVsoJbgGU74GdwA6CGxMRp3MAeEB50l4/edit#

Based upon discovery in the referenced doc, create necessary types and CRD to support future work on Image Policy for cosigned admission controller.

Outcome:

  • Necessary data types have been defined
  • Validation and default values have been established

@mattmoor @coyote240 @hectorj2f

See also: #1418 #1419
@kkavitha kkavitha added the enhancement New feature or request label Feb 7, 2022
@mattmoor
Copy link
Member

mattmoor commented Feb 7, 2022

Here's a sample anatomy from the Knative sample-controller:

We also generally use _lifecycle.go to capture status manipulations: https://github.com/knative-sandbox/sample-controller/blob/e0d660a91633d4c48d9ce12359fc1b17a2dbfc0b/pkg/apis/samples/v1alpha1/addressable_service_lifecycle.go#L27

@mattmoor
Copy link
Member

mattmoor commented Feb 7, 2022

When we get to conversion webhooks, that'd go somewhere like this: https://github.com/knative/serving/blob/0b4ef84741509d6d8b67454a09fd15849ba48b93/pkg/apis/serving/v1/configuration_conversion.go#L26 (posting mostly for completeness).

This was referenced Feb 7, 2022
Closed
Closed
@coyote240
Copy link

Working thru issues w/ internally generated CA. Basic policy structure and room for validation and defaulting in place. Will be asking for help from Knative team members w/in our org.

Need to add tests.

https://github.com/coyote240/cosign/pull/2/files

@mattmoor
Copy link
Member

Awesome. LMK if I can help play matchmaker or if there's anything I can do to help.

@coyote240 coyote240 mentioned this issue Feb 18, 2022
Closed
@mattmoor
Copy link
Member

Left some comments on the latest PR, I also have someone eager to help, so maybe we can sync up on where we are on these issues?

@mattmoor
Copy link
Member

cc @jdolitsky ☝️

mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
c6f7e38 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
7737ade 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
1ebda94 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
@mattmoor mattmoor mentioned this issue Feb 22, 2022
Merged
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
2420595 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
bcbb09e 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
eb77809 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
382e7e3 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
b9f2151 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
bf6ec8c 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 22, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
40ad640 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
fad7b83 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
d5293d8 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
48b437d 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
b3d5e5e 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
eedb826 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
1ea1ebb 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
b5a6ee2 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit to mattmoor/cosign that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types.
5ae39f3 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor added a commit that referenced this issue Feb 23, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types. (#1504)
7d5097d 
This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for #1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
@mattmoor mattmoor mentioned this issue Feb 24, 2022
Merged
@kkavitha kkavitha mentioned this issue Mar 2, 2022
Merged
@kkavitha kkavitha mentioned this issue Mar 3, 2022
Merged
hatmarch pushed a commit to hatmarch/cosign that referenced this issue Apr 19, 2022
@mattmoor
This sets up the scaffolding for the cosigned CRD types. (sigstore#…
af71e80 
…1504)

This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this issue May 6, 2022
@mattmoor @mlieberman85
This sets up the scaffolding for the cosigned CRD types. (sigstore#…
fc9ee93 
…1504)

This mostly contains the boilerplate stuff like codegen and whatnot to bootstrap a Knative controller.  This doesn't contain any of the meaningful type definition aspects, which will follow in a subsequent PR.

Sets up for sigstore#1417

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkavitha kkavitha

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add fields in policy CRD coyote240/cosign
1417 policy validations coyote240/cosign
3 participants
@coyote240 @mattmoor @kkavitha