Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Create a docker-based builder binary that executes a builder image to produce a binary #1191

Open
asraa opened this issue Nov 1, 2022 · 1 comment · Fixed by #1481
Open

[feature] Create a docker-based builder binary that executes a builder image to produce a binary #1191

asraa opened this issue Nov 1, 2022 · 1 comment · Fixed by #1481
Labels
area:docker-based Docker based builder (supplying a builder image and command) type:feature New feature or request
Milestone
Docker image base...

Comments

@asraa
Copy link
Collaborator

asraa commented Nov 1, 2022

This is a tracking issue for the builder binary that is responsible for executing a docker-based-build SLSA buildDefinition and create and measure the output artifact.

Describe the solution you'd like
The builder binary would take as input:

  • The SLSA predicate input: this contains the source, builder base image, and command/output/environment variable. This contains all the needed information to (re)build the artifact

And output:

  • The output binary

Other:

  • Note that the builder binary is part of the predicate itself. This is self-invoking. The outer layer should likely add this into the provenance artifacts, potentially in the runDetails: the type of this builder shouldn't affect the rebuild.

Additional context
#23
https://github.com/MarkLodato/slsa/blob/cec378584e1b24c84fd0a60a0ae5f269e045f4c3/docs/provenance/examples.md

cc @rbehjati
@asraa asraa added type:feature New feature or request area:docker-based Docker based builder (supplying a builder image and command) labels Nov 1, 2022
@asraa asraa mentioned this issue Nov 1, 2022
Closed
This was referenced Nov 25, 2022
Closed
Merged
This was referenced Dec 15, 2022
Merged
Merged
@rbehjati rbehjati mentioned this issue Jan 9, 2023
Merged
@rbehjati rbehjati mentioned this issue Jan 10, 2023
Closed
@rbehjati rbehjati mentioned this issue Jan 24, 2023
Closed
@github-actions GitHub Actions
Copy link

This issue was reopened by the todo-issue-reopener action in the "TODO Issue Reopener" GitHub Actions workflow because there are TODOs referencing this issue:

  1. internal/builders/docker/pkg/common.go:26: Update to the final BuildType URI.
  2. internal/builders/docker/pkg/config.go:35: Add env and options if needed.

@github-actions github-actions bot reopened this May 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area:docker-based Docker based builder (supplying a builder image and command) type:feature New feature or request
Projects
None yet
Milestone
Docker image based builds for arbitra...
Development

Successfully merging a pull request may close this issue.

feat: write subjects to file in docker-based builder binary rbehjati/slsa-github-generator
1 participant
@asraa