Skip to content

Fix instantiation in _to_rekor() for optional inclusion promise#1382

Merged
jku merged 14 commits intosigstore:mainfrom
ramonpetgrave64:optional-inclusion-promise
May 19, 2025
Merged

Fix instantiation in _to_rekor() for optional inclusion promise#1382
jku merged 14 commits intosigstore:mainfrom
ramonpetgrave64:optional-inclusion-promise

Conversation

@ramonpetgrave64
Copy link
Contributor

@ramonpetgrave64 ramonpetgrave64 commented May 12, 2025
edited
Loading

Client support for Rekor V2: sigstore-python #289

Resolves #1383

Summary

pydantic and betterproto: avoid assigning a var of type Optional[InclusionPromise] to TransparencyLogEntry.inclusion_promise

 File "/usr/local/google/home/rpetgrave/src/ssp/sigstore-python/sigstore/models.py", line 262, in _to_rekor
   tlog_entry = rekor_v1.TransparencyLogEntry(
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 File "/usr/local/google/home/rpetgrave/src/ssp/.venv/lib/python3.12/site-packages/pydantic/_internal/_dataclasses.py", line 120, in __init__
   s.__pydantic_validator__.validate_python(ArgsKwargs(args, kwargs), self_instance=s)
pydantic_core._pydantic_core.ValidationError: 1 validation error for TransparencyLogEntry
inclusion_promise
 Input should be a dictionary or an instance of InclusionPromise [type=dataclass_type, input_value=None, input_type=NoneType]

Release Note

Avoid pydantic's instantiation issues with TransparencyLogEntry when InclusionPromise is not present.

Documentation

None

@ramonpetgrave64
betterproto: avoid assigning a var of type Optional[InclusionPromise]…
46b0087 
… to TransparencyLogEntry.inclusion_promise

```
  File "/usr/local/google/home/rpetgrave/src/ssp/sigstore-python/sigstore/models.py", line 262, in _to_rekor
    tlog_entry = rekor_v1.TransparencyLogEntry(
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/google/home/rpetgrave/src/ssp/.venv/lib/python3.12/site-packages/pydantic/_internal/_dataclasses.py", line 120, in __init__
    s.__pydantic_validator__.validate_python(ArgsKwargs(args, kwargs), self_instance=s)
pydantic_core._pydantic_core.ValidationError: 1 validation error for TransparencyLogEntry
inclusion_promise
  Input should be a dictionary or an instance of InclusionPromise [type=dataclass_type, input_value=None, input_type=NoneType]
```

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add test
c961b52 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
Revert "betterproto: avoid assigning a var of type Optional[Inclusion…
43dc468 
…Promise] to TransparencyLogEntry.inclusion_promise"

This reverts commit 46b0087.

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
cleanup
274dc23 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
Reapply "betterproto: avoid assigning a var of type Optional[Inclusio…
3f58569 
…nPromise] to TransparencyLogEntry.inclusion_promise"

This reverts commit 43dc468.

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
cleanup
d61a004 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
format
76f7701 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this pull request May 12, 2025
Closed
35 tasks
@ramonpetgrave64 ramonpetgrave64 marked this pull request as ready for review May 13, 2025 18:54
@ramonpetgrave64
Copy link
Contributor Author

ramonpetgrave64 commented May 13, 2025

@jku @woodruffw

@jku jku changed the title Fix pydantic in _to_rekor() for optional inclusion proofs Fix pydantic in _to_rekor() for optional inclusion promise May 14, 2025
jku
jku requested changes May 14, 2025
View reviewed changes
Copy link
Member

@jku jku left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Making Bundle work without an inclusion promise makes sense, however

  • if we can, let's test the whole bundle round trip (since Bundle does a lot of the real parsing)
  • I don't think this is a pydantic issue, just us not being prepared for no inclusion promise

I'm not 100% sure I'm actually "requesting changes", let me know if you disagree with the ideas

CHANGELOG.md Outdated
Comment on lines +13 to +14
* Avoid pydantic's instantiation issues with `TransparencyLogEntry` when `InclusionPromise` is not present.

Copy link
Member

@jku jku May 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is really related to pydantic (although I appreciate the neater handling in _to_rekor()). Isn't the issue that our code just won't work without an inclusion promise currently?

Copy link
Contributor Author

@ramonpetgrave64 ramonpetgrave64 May 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

removed mention of pydantic.

jku
jku reviewed May 14, 2025
View reviewed changes
ramonpetgrave64 and others added 4 commits May 14, 2025 14:04
@ramonpetgrave64
also delete integrated_time
7e3ef0a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
lint
41a5a10 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
remove mention of pydantic in changelog
5b87261 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
Merge branch 'main' into optional-inclusion-promise
cb05e96
@ramonpetgrave64 ramonpetgrave64 requested a review from jku May 15, 2025 14:31
@ramonpetgrave64 ramonpetgrave64 changed the title Fix pydantic in _to_rekor() for optional inclusion promise Fix instantiation in _to_rekor() for optional inclusion promise May 15, 2025
@ramonpetgrave64 ramonpetgrave64 mentioned this pull request May 16, 2025
Closed
15 tasks
jku
jku approved these changes May 16, 2025
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems correct. The test is a little lacking but is handled in #1381

@jku
Copy link
Member

jku commented May 16, 2025

/gcbrun

@jku
Copy link
Member

jku commented May 19, 2025

Sigh, the merge rules here are really annoying...

  • I can't merge out-of-date branches
  • If I update the branch I think I'll be the latest committer, so then can't approve again

I'll test that and update the branch anyway.

@jku
Copy link
Member

jku commented May 19, 2025

/gcbrun

@jku
Copy link
Member

jku commented May 19, 2025

oh, merging main does not invalidate the review -- I did not know that.

So I can merge this even though I'm the last committer 🤷

@jku jku merged commit e885c70 into sigstore:main May 19, 2025
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jku jku jku approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Pydantic verification when inclusion promise is missing.

2 participants

@ramonpetgrave64 @jku