Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Revisit artifact rule path patterns #32

Open
lukpueh opened this issue Nov 15, 2017 · 0 comments
Open

Revisit artifact rule path patterns #32

lukpueh opened this issue Nov 15, 2017 · 0 comments

Comments

@lukpueh
Copy link
Member

lukpueh commented Nov 15, 2017

Description of issue::
Rethink the behavior of artifact rule path pattern filtering, especially if no artifacts are filtered by the pattern.

Current behavior:
All artifact rules take a pattern argument that is used to filter artifacts reported by a link.
If the pattern does not filter any artifacts the rules as practically not applied.

This issue was already pointed out in the discussion in in-toto/in-toto#43 and is also described in the docstrings of the artifact rules verification functions, e.g. for the MATCH rule:
https://github.com/in-toto/in-toto/blob/0beaf5b131b5860e8bf0bb059c9f97a0736851b2/in_toto/verifylib.py#L451-L461

Expected behavior:
Expected behavior is open for discussion. My suggestions:

  • each pattern must match at least one artifact
  • extend the rule syntax to indicate if the pattern can/must match ?, +, * artifact(s) (c.f. glob characters)
@lukpueh lukpueh transferred this issue from in-toto/in-toto Jun 18, 2020
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lukpueh