Include KindVersion in TLE response#286
Conversation
This adds a missing required field for the kind and version of the entry, so that clients will know how to parse the canonicalized body. This is a much simpler approach to the type factory in Rekor. At this point, given there are only two types, I don't think we should reimplement the factory and simply use case statements. Signed-off-by: Hayden B <8418760+haydentherapper@users.noreply.github.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #286 +/- ##
==========================================
+ Coverage 39.11% 39.33% +0.22%
==========================================
Files 39 40 +1
Lines 2751 2766 +15
==========================================
+ Hits 1076 1088 +12
- Misses 1571 1573 +2
- Partials 104 105 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Could you also update switch statements like these rekor-tiles/pkg/client/write/write.go Line 121 in 3649260 |
| if err != nil { | ||
| return nil, status.Errorf(codes.InvalidArgument, "invalid type, must be either hashedrekord or dsse") | ||
| } | ||
| tle.KindVersion = kv |
There was a problem hiding this comment.
Add tests more tests so we can see the rendered responses
There was a problem hiding this comment.
I see that KindVersion is also missing from the CanonicalizedBody.
There was a problem hiding this comment.
That part is intentional. The type should already be known by then.
There was a problem hiding this comment.
Appu, how is the type derived for monitors reading each entry of the log? With a full bundle, a client will know how to parse it.
There was a problem hiding this comment.
I just realized the problem here.
There was a problem hiding this comment.
@loosebazooka But isn't the canonicalized by supposed to have all of the values of TLE? That seems to be how it is in v1's responses.
There was a problem hiding this comment.
right, I gotta go look at this again.
There was a problem hiding this comment.
Thanks for pointing this out Ramon. We do need entry type information for clients that do not have a Sigstore bundle. I've proposed a fix in #287, which wraps the entry in a one-of so that we retain kind/version information.
Another option Appu and I discussed was trying to replicate the Rekor v1 body with apiversion, kind, and spec. While this might let clients get further along in parsing the body, clients will eventually fail because they won't support the new v2 types.
Appu will be reopening the discussion about a TLE v2 message. Clients will need to update their verification path regardless.
There was a problem hiding this comment.
Also to clarify, KindVersion in the bundle is still needed if CanonicalizedBody, which is optional, is omitted and a client reconstructs the rekor entry from the artifact, signature and verifier. We don't need KindVersion explicitly stated if the message types are retained, which is what 287 proposes.
|
Following up on comments in another PR with adding log ID. |
|
oops, stamped this a little too hastily |
4 participants
This adds a missing required field for the kind and version of the entry, so that clients will know how to parse the canonicalized body.
This is a much simpler approach to the type factory in Rekor. At this point, given there are only two types, I don't think we should reimplement the factory and simply use case statements.
Ref: #285
Summary
Release Note
Documentation