-
Notifications
You must be signed in to change notification settings - Fork 323
[cicd] add initial cicd attributes to registry #1075
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 33 commits
Commits
Show all changes
49 commits
Select commit
Hold shift + click to select a range
f6178c6
[cicd] add initial cicd attributes to registry
adrielp 5efab61
[chore] fix deprecation and rerun checks
adrielp c11986e
[chore] add changelog
adrielp 2ac46ac
[chore] fix changelog issue numbers
adrielp f520284
[chore] run fixes
adrielp 13fbba7
[chore] run issue template gen
adrielp 46f1557
[chore] fix yaml linting
adrielp 87d9dd6
[chore] fixing up structure a bit
adrielp 3c4f8cd
[chore] fix yamllint errors
adrielp 2ece673
[chore] adjust scm, deployment, and deprecated deployment based on fe…
adrielp 2d557c6
[chore] add cicd, remove pipeline, update test
adrielp f82511d
[chore] multiple updates after feedback
adrielp 0368268
[chore] fix missing stability after enum
adrielp 311698c
[chore] fix local typo
adrielp fc914cf
[chore] remove incident from registry, will iterate through sep pr
adrielp 563f071
Merge branch 'main' into cicd-reg-attr
ea7b402
[chore] make changes from workflows
adrielp b1ddced
Merge branch 'main' into cicd-reg-attr
8f3fce3
[chore] run issue template generation
793a1f4
[chore] make changes to test and deploy file based on pr feedback
adrielp 1ea5c57
[chore] general updates and changes after suggestions
adrielp 938537c
[chore] remove allow custom values and updates bacsed on suggestions
adrielp 6c7b2c8
[chore] remove runner attributes from CICD for now, add url.full
adrielp 25e8c4c
[chore] add in_progress to status attributes for suite and case runs
adrielp 66b3bc5
Merge branch 'main' into cicd-reg-attr
8bbcd74
[chore] update hash value brief, separate artifact from build
adrielp 7439ce8
[chore] migrate artifact to its own ns, include attestations to
adrielp d060aab
[chore] run make generate templates
adrielp c84b645
[chore] replace status for case with status for test
adrielp 4699ded
Merge branch 'main' into cicd-reg-attr
e190234
[chore] yammlint
adrielp 6135550
[chore] run make gen issue templates
adrielp 488b516
[chore] revert commit of gsed in shell script
adrielp 91b8cd7
[chore] add additional fully qualified test examples
adrielp b41c126
[chore] update components in changelog
adrielp 2fcfa27
[chore] make adjustments to vcs, cicd, changlog, artifact based on fe…
adrielp c7bd599
[chore] fix line length after linting
adrielp 03f73dd
Merge branch 'main' into cicd-reg-attr
70e75bc
[chore] run attribute registry generation
adrielp c6ec2c9
[chore] update artifact and test attribute per suggestions
adrielp b766d04
Merge branch 'main' into cicd-reg-attr
e7e2c2c
[chore] move artifact.name to artifact.filename per suggestions
adrielp d5a3a34
[chore] move commit.hash to revision and add additional information
adrielp 82df8ba
[chore] upper case CICD in weaver
adrielp d75e796
[chore] adjust weaver yaml
adrielp 93e7801
[chore] remove test run id attribute and fix title
adrielp 6604910
[chore] add CICD codeowners
adrielp 33452c6
[chore] more wording adjustments based on feedback
adrielp 49755bd
Merge branch 'main' into cicd-reg-attr
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # Use this changelog template to create an entry for release notes. | ||
| # | ||
| # If your change doesn't affect end users you should instead start | ||
| # your pull request title with [chore] or use the "Skip Changelog" label. | ||
|
|
||
| # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' | ||
| change_type: breaking | ||
|
|
||
| # The name of the area of concern in the attributes-registry, (e.g. http, cloud, db) | ||
| component: cicd, deployment | ||
adrielp marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). | ||
| note: Adds CICD common attributes to the registry. | ||
|
|
||
| # Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists. | ||
| # The values here must be integers. | ||
| issues: [915, 832, 833] | ||
|
|
||
| # (Optional) One or more lines of additional information to render under the primary note. | ||
| # These lines will be padded with 2 spaces and then inserted directly into the document. | ||
| # Use pipe (|) for multiline entries. | ||
| subtext: | | ||
| - CICD common attributes have been added to the registry. | ||
| - "`deployment.environment` has been deprecated and moved to `deployment.environment.name`." | ||
adrielp marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -34,4 +34,7 @@ package-lock.json | |
| .vscode | ||
|
|
||
| # Visual Studio | ||
| .vs/ | ||
| .vs/ | ||
|
|
||
| # Python | ||
| venv | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| <!--- Hugo front matter used to generate the website version of this page: | ||
| ---> | ||
|
|
||
| <!-- NOTE: THIS FILE IS AUTOGENERATED. DO NOT EDIT BY HAND. --> | ||
| <!-- see templates/registry/markdown/attribute_namespace.md.j2 --> | ||
|
|
||
| # Artifact | ||
|
|
||
| ## Artifact Attributes | ||
|
|
||
| This group describes attributes specific to artifacts. | ||
|
|
||
| | Attribute | Type | Description | Examples | Stability | | ||
| | ------------------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | | ||
| | `artifact.attestation.filename` | string | The filename for provenance directly related to the artifact. Attestations can have a one to many relationship with build artifacts. See [SLSA Relationship](https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations) for more information. | `golang-binary-amd64-v0.1.0.attestation`; `docker-image-amd64-v0.1.0.intoto.json1`; `release-1.tar.gz.attestation`; `file-name-package.tar.gz.intoto.json1` |  | | ||
| | `artifact.attestation.hash` | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), of the built attestation. Some envelopes in the software attestation space also refer to this as the [digest](https://github.com/in-toto/attestation/blob/main/spec/README.md#in-toto-attestation-framework-spec). | `1b31dfcd5b7f9267bf2ff47651df1cfb9147b9e4df1f335accf65b4cda498408` |  | | ||
| | `artifact.attestation.id` | string | The id of the build [software attestation](https://slsa.dev/attestation-model). | `123` |  | | ||
| | `artifact.hash` | string | The full [hash value (see glossary)](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf), often found in checksum.txt on a release of the artifact and used to verify pakage integrity. | `9ff4c52759e2c4ac70b7d517bc7fcdc1cda631ca0045271ddd1b192544f8a3e9` |  | | ||
| | `artifact.name` | string | The human readable file name of the artifact, often generated by build and release utilities to include the package name and version. | `golang-binary-amd64-v0.1.0`; `docker-image-amd64-v0.1.0`; `release-1.tar.gz`; `file-name-package.tar.gz` |  | | ||
| | `artifact.purl` | string | The [Package URL](https://github.com/package-url/purl-spec) of the artifact, providing a standard way to identify and locate the artifact. | `pkg:github/package-url/purl-spec@1209109710924`; `pkg:npm/foo@12.12.3` |  | | ||
| | `artifact.version` | string | The version of the artifact. | `v0.1.0`; `1.2.1`; `122691-build` |  | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| <!--- Hugo front matter used to generate the website version of this page: | ||
| ---> | ||
|
|
||
| <!-- NOTE: THIS FILE IS AUTOGENERATED. DO NOT EDIT BY HAND. --> | ||
| <!-- see templates/registry/markdown/attribute_namespace.md.j2 --> | ||
|
|
||
| # Cicd | ||
|
|
||
| ## Cicd Pipeline Attributes | ||
|
|
||
| This group describes attributes specific to pipelines within a Continuous Integration and Continuous Deployment (CI/CD) system. A [pipeline](<https://en.wikipedia.org/wiki/Pipeline_(computing)>) in this case is a series of steps that are performed in order to deliver a new version of software. This aligns with the [Britannica](https://www.britannica.com/dictionary/pipeline) definition of a pipeline where a **pipeline** is the system for developing and producing something. In the context of CI/CD, a pipeline produces or delivers software. | ||
|
|
||
| | Attribute | Type | Description | Examples | Stability | | ||
| | --------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | | ||
| | `cicd.pipeline.name` | string | The human readable name of the pipeline within a CI/CD system. | `Build and Test`; `Lint`; `Deploy Go Project`; `deploy_to_environment` |  | | ||
| | `cicd.pipeline.run.id` | string | The unique identifier of a pipeline run within a CI/CD system. | `120912` |  | | ||
| | `cicd.pipeline.task.name` | string | The human readable name of a task within a pipeline. Task here most closely aligns with a [computing process](<https://en.wikipedia.org/wiki/Pipeline_(computing)>) in a pipeline. Other terms for tasks include commands, steps, and procedures. | `Run GoLang Linter`; `Go Build`; `go-test`; `deploy_binary` |  | | ||
| | `cicd.pipeline.task.run.id` | string | The unique identifier of a task run within a pipeline. | `12097` |  | | ||
| | `cicd.pipeline.task.run.url.full` | string | The [URL](https://en.wikipedia.org/wiki/URL) of the pipeline run providing the complete address in order to locate and identify the pipeline. | `https://github.com/open-telemetry/semantic-conventions/actions/runs/9753949763/job/26920038674?pr=1075` |  | | ||
adrielp marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| | `cicd.pipeline.task.type` | string | The type of the task within a pipeline. | `build`; `test`; `deploy` |  | | ||
|
|
||
| `cicd.pipeline.task.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. | ||
|
|
||
| | Value | Description | Stability | | ||
| | -------- | ----------- | ---------------------------------------------------------------- | | ||
| | `build` | build |  | | ||
| | `deploy` | deploy |  | | ||
| | `test` | test |  | | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.