Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent deduplication handing in subjects and materials #925

Closed
chuangw6 opened this issue Sep 15, 2023 · 1 comment · Fixed by #926
Closed

Inconsistent deduplication handing in subjects and materials #925

chuangw6 opened this issue Sep 15, 2023 · 1 comment · Fixed by #926
Assignees
@chuangw6
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@chuangw6
Copy link
Member

In 2023-09-14 Chains WG meeting, we discussed the deduplication handing in subjects and materials for slsa provenance. They are inconsistent in terms of when to deduplicate and how to identify the duplicates.

For Subjects:

  • when: deduplication happens while collecting each new item to the list
  • how: 2 subjects are duplicate if they have exact same name and at least one common digest algorithm and hex.

For Materials:

  • when: deduplication happens after collecting all items
  • how: 2 materials are duplicate if their marshalled data are equal

The problem with the approach for materials is that 2 entries with same uri and one common algorithm & hex will be identified as 2 completely different materials, but they should be the same artifact.

In the WG meeting, we agreed that we should consolidate and make the approach for handling duplications consistent across artifacts collection in slsa provenance.
@chuangw6 chuangw6 added the kind/bug Categorizes issue or PR as related to a bug. label Sep 15, 2023
@chuangw6
Copy link
Member Author

/assign

chuangw6 added a commit to chuangw6/chains that referenced this issue Sep 15, 2023
@chuangw6
Handle duplicates in subjects and materials consistently
48bcb87 
Fixes tektoncd#925

Prior, deduplication handling for subjects and materials is different.

Now, we use consistent approach to handle the deduplication.

Signed-off-by: Chuang Wang <[email protected]>
@chuangw6 chuangw6 mentioned this issue Sep 15, 2023
Merged
3 tasks
chuangw6 added a commit to chuangw6/chains that referenced this issue Sep 15, 2023
@chuangw6
Handle duplicates in subjects and materials consistently
a1a6b6e 
Fixes tektoncd#925

Prior, deduplication handling for subjects and materials is different.

Now, we use consistent approach to handle the deduplication.

Signed-off-by: Chuang Wang <[email protected]>
chuangw6 added a commit to chuangw6/chains that referenced this issue Sep 15, 2023
@chuangw6
Handle duplicates in subjects and materials consistently
193d493 
Fixes tektoncd#925

Prior, deduplication handling for subjects and materials is different.

Now, we use consistent approach to handle the deduplication.

Signed-off-by: Chuang Wang <[email protected]>
chuangw6 added a commit to chuangw6/chains that referenced this issue Oct 5, 2023
@chuangw6
Handle duplicates in subjects and materials consistently
fb93465 
Fixes tektoncd#925

Prior, deduplication handling for subjects and materials is different.

Now, we use consistent approach to handle the deduplication.

Signed-off-by: Chuang Wang <[email protected]>
tekton-robot pushed a commit that referenced this issue Oct 10, 2023
@chuangw6
Handle duplicates in subjects and materials consistently (#926)
b41436b 
Fixes #925

Prior, deduplication handling for subjects and materials is different.

Now, we use consistent approach to handle the deduplication.

Signed-off-by: Chuang Wang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chuangw6 chuangw6

Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Handle duplicates in subjects and materials consistently chuangw6/chains
1 participant
@chuangw6