Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[User Story] As a user I want to include user provided metadata at time of signing and have it available for verification #67

Closed
iamsamirzon opened this issue Oct 19, 2022 · 1 comment · Fixed by notaryproject/notation#527
Closed

[User Story] As a user I want to include user provided metadata at time of signing and have it available for verification #67

iamsamirzon opened this issue Oct 19, 2022 · 1 comment · Fixed by notaryproject/notation#527
Assignees
@iamsamirzon @yizha1 @vaninrao10
Labels
needs_estimate Approximate Effort (weeks) for dev to complete question Further information is requested roadmap User Story
Milestone
RC-2

Comments

@iamsamirzon
Copy link
Contributor

As a user, I want to include metadata that I can provide at time of signing. This data should be signed as well ( in addition to the image manifest) and be available for verification.

When verifying signatures, ( At build, deploy or run time) I want to get a list of the signed metadata included with the signature and use it evaluate additional decisions before using the signed image.

Intended outcome

  1. Add CLI commands to add metadata at the point of generating signatures.
  2. Add CLI commands to list the signed metadata at the point of verifying signatures.
  3. When inspecting a signature, or listing its detail a user should be able to see the signed metadata included with the signature.
@iamsamirzon iamsamirzon added question Further information is requested roadmap needs_estimate Approximate Effort (weeks) for dev to complete labels Oct 19, 2022
@iamsamirzon iamsamirzon added this to the Discuss milestone Oct 19, 2022
@iamsamirzon iamsamirzon changed the title [User Story] As a user I want to include user provided metadata at time of signing and have it available for verification As a user, I want to include metadata that I can provide at time of signing. This data should be signed as well ( in addition to the image manifest) and be available for verification. When verifying signatures, ( At build, deploy or run time) I want to get a list of the signed metadata included with the signature and use it evaluate additional decisions before using the signed image. Intended outcome 1. Add CLI commands to add metadata at the point of generating signatures. 2. Add CLI commands to list the signed metadata at the point of verifying signatures. 3. When inspecting a signature, or listing its detail a user should be able to see the signed metadata included with the signature. [User Story] As a user I want to include user provided metadata at time of signing and have it available for verification Oct 19, 2022
@vaninrao10 vaninrao10 modified the milestones: Discuss, RC-2 Nov 23, 2022
@byronchien byronchien mentioned this issue Jan 3, 2023
Merged
priteshbandi pushed a commit to notaryproject/notation that referenced this issue Jan 12, 2023
@byronchien
doc: update notation sign and verify spec for metadata (#498)
6fb9eef 
Spec update to support notaryproject/roadmap#67

`notation sign`: 
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that will be signed as part of the payload.

`notation verify`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that must be present in the signature to pass verification.

Signed-off-by: Byron Chien <[email protected]>
@yizha1 yizha1 moved this from Todo to In Progress in Notary Project Planning Board Jan 14, 2023
priteshbandi pushed a commit to priteshbandi/notation that referenced this issue Feb 1, 2023
@byronchien
doc: update notation sign and verify spec for metadata (notaryproject…
a11250e 
…#498)

Spec update to support notaryproject/roadmap#67

`notation sign`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that will be signed as part of the payload.

`notation verify`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that must be present in the signature to pass verification.

Signed-off-by: Byron Chien <[email protected]>
priteshbandi pushed a commit to priteshbandi/notation that referenced this issue Feb 1, 2023
@byronchien
doc: update notation sign and verify spec for metadata (notaryproject…
a584ce5 
…#498)

Spec update to support notaryproject/roadmap#67

`notation sign`: 
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that will be signed as part of the payload.

`notation verify`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that must be present in the signature to pass verification.

Signed-off-by: Byron Chien <[email protected]>
priteshbandi pushed a commit to priteshbandi/notation that referenced this issue Feb 1, 2023
@byronchien
doc: update notation sign and verify spec for metadata (notaryproject…
b60ada2 
…#498)

Spec update to support notaryproject/roadmap#67

`notation sign`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that will be signed as part of the payload.

`notation verify`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that must be present in the signature to pass verification.

Signed-off-by: Byron Chien <[email protected]>
priteshbandi pushed a commit to priteshbandi/notation that referenced this issue Feb 1, 2023
@byronchien
doc: update notation sign and verify spec for metadata (notaryproject…
8c9c62f 
…#498)

Spec update to support notaryproject/roadmap#67

`notation sign`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that will be signed as part of the payload.

`notation verify`:
- user will be able to specify additional key value pairs with the `--user-metadata` flag (`-um` short) that must be present in the signature to pass verification.

Signed-off-by: Byron Chien <[email protected]>
@byronchien byronchien mentioned this issue Feb 7, 2023
Merged
@yizha1 yizha1 unassigned dtzar Feb 7, 2023
@yizha1 yizha1 moved this from In Progress to PR Review in Notary Project Planning Board Feb 7, 2023
priteshbandi pushed a commit to notaryproject/notation that referenced this issue Feb 10, 2023
@byronchien
feat: add support for json output for notation verify (#527)
33c2281 
allows json output for `notation verify`. Fixes notaryproject/roadmap#67 and #498

chienb@a07817b52895 notation % ./bin/notation verify $IMAGE --output json
{
    "reference": "localhost:5000/net-monitor@sha256:5a07385af4e6b6af81b0ebfd435aedccdfa3507f0609c658209e1aba57159b2b",
    "userMetadata": {
        "foo": "bar"
    },
    "result": "Success"
}

Signed-off-by: Byron Chien <[email protected]>
@yizha1
Copy link
Contributor

yizha1 commented Feb 17, 2023

Close it as released in rc.2

@yizha1 yizha1 closed this as completed Feb 17, 2023
@github-project-automation github-project-automation bot moved this from PR Review to Done in Notary Project Planning Board Feb 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iamsamirzon iamsamirzon

@yizha1 yizha1

@vaninrao10 vaninrao10

Labels
needs_estimate Approximate Effort (weeks) for dev to complete question Further information is requested roadmap User Story
Projects
Notary Project Planning Board
Status: Done
Milestone
RC-2
Development

Successfully merging a pull request may close this issue.

feat: add support for json output for notation verify byronchien/notation
4 participants
@dtzar @iamsamirzon @yizha1 @vaninrao10