defenseunicorns / uds-software-factory

🏭 UDS Software Factory Integration / Wayfinding Repo
GNU Affero General Public License v3.0

Spike: Explore where in-toto attestations will go once they are created #56

Closed Racer159 closed 4 months ago

Racer159 commented 5 months ago

Is your feature request related to a problem? Please describe.

We need to have a place that we can upload workload attestations into that is queryable and could be used for policy validation, auditing, and dashboarding by later UDS tooling.

Describe the solution you'd like

Describe alternatives you've considered

We could avoid attestations / in-toto, but there are a lot of nice auditing capabilities that we would be missing out on without it.

Additional context

Something like Archivista (https://github.com/in-toto/archivista) could work for this and is already in the in-toto family - we could also look at simpler solutions nearer term as well though.

ericwyles commented 4 months ago

Selected Archivista for this and created a separate issue for tracking building that package: https://github.com/defenseunicorns/uds-package-archivista/issues/3