search

eiffel-community / eiffel

The Eiffel framework vocabulary, descriptions, guides and schemas along with links to relevant implementation repositories.
Apache License 2.0
121 stars 59 forks source link

Add Integrity protection for Persistent Logs #401

Closed m-linner-ericsson closed 3 weeks ago

m-linner-ericsson commented 1 month ago

Applicable Issues

Fixes #358

Description of the Change

Alternate Designs

I could have not chosen to break out the persistent logs to its own fragment but then I would have to add Integrity protection in 4 places instead of two.

Possible Drawbacks

None that I can think of

Sign-off

Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved.

Signed-off-by: Mattias Linnér mattias.linner@ericsson.com

m-linner-ericsson commented 1 month ago 
--- definitions/EiffelActivityFinishedEvent/4.0.0.yml   2024-07-24 15:54:30.863580372 +0200
+++ definitions/EiffelActivityFinishedEvent/4.1.0.yml   2024-07-24 15:54:30.863580372 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelActivityFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: ActF
 _description: The EiffelActivityFinishedEvent declares that a previously
   started activity (declared by [EiffelActivityTriggeredEvent](./EiffelActivityTriggeredEvent.md)
@@ -56,7 +56,7 @@
         required:
           - conclusion
       persistentLogs:
-        $ref: ../EiffelPersistentLogs/1.0.0.yml
+        $ref: ../EiffelPersistentLogs/1.1.0.yml
       customData:
         type: array
         items:
@@ -128,6 +128,8 @@
       types:
         - EiffelFlowContextDefinedEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.0
--- schemas/EiffelActivityFinishedEvent/4.0.0.json  2024-07-24 15:21:06.623582770 +0200
+++ schemas/EiffelActivityFinishedEvent/4.1.0.json  2024-07-24 15:21:06.713582770 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -173,6 +173,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
--- definitions/EiffelTestCaseFinishedEvent/4.0.0.yml   2024-07-24 15:54:30.863580372 +0200
+++ definitions/EiffelTestCaseFinishedEvent/4.1.0.yml   2024-07-24 15:54:30.863580372 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelTestCaseFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: TCF
 _description: |-
   The EiffelTestCaseFinishedEvent declares that a previously started test case (declared by [EiffelTestCaseStartedEvent](./EiffelTestCaseStartedEvent.md)) has finished and reports the outcome.
@@ -90,7 +90,7 @@
           - conclusion
         additionalProperties: false
       persistentLogs:
-        $ref: ../EiffelPersistentLogs/1.0.0.yml
+        $ref: ../EiffelPersistentLogs/1.1.0.yml
       customData:
         type: array
         items:
@@ -162,6 +162,8 @@
       types:
         - EiffelTestCaseTriggeredEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.1
--- schemas/EiffelTestCaseFinishedEvent/4.0.0.json  2024-07-24 15:21:15.333582760 +0200
+++ schemas/EiffelTestCaseFinishedEvent/4.1.0.json  2024-07-24 15:21:15.413582760 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -199,6 +199,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
--- definitions/EiffelTestSuiteFinishedEvent/4.0.0.yml  2024-07-24 15:54:30.863580372 +0200
+++ definitions/EiffelTestSuiteFinishedEvent/4.1.0.yml  2024-07-24 15:54:30.863580372 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelTestSuiteFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: TSF
 _description: |-
   The EiffelTestSuiteFinishedEvent declares that a previously started test suite (declared by [EiffelTestSuiteStartedEvent](./EiffelTestSuiteStartedEvent.md)) has finished and reports the outcome.
@@ -64,7 +64,7 @@
             type: string
         additionalProperties: false
       persistentLogs:
-        $ref: ../EiffelPersistentLogs/1.0.0.yml
+        $ref: ../EiffelPersistentLogs/1.1.0.yml
       customData:
         type: array
         items:
@@ -129,6 +129,8 @@
       types:
         - EiffelTestSuiteStartedEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.1
--- schemas/EiffelTestSuiteFinishedEvent/4.0.0.json 2024-07-24 15:21:18.233582756 +0200
+++ schemas/EiffelTestSuiteFinishedEvent/4.1.0.json 2024-07-24 15:21:18.323582756 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -178,6 +178,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
m-linner-ericsson commented 4 weeks ago

Updated Diff after version changes

(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u definitions/EiffelActivityFinishedEvent/4.0.0.yml definitions/EiffelActivityFinishedEvent/4.1.0.yml
--- definitions/EiffelActivityFinishedEvent/4.0.0.yml   2024-08-09 15:57:49.923667154 +0200
+++ definitions/EiffelActivityFinishedEvent/4.1.0.yml   2024-08-09 15:57:22.543667456 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelActivityFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: ActF
 _description: The EiffelActivityFinishedEvent declares that a previously
   started activity (declared by [EiffelActivityTriggeredEvent](./EiffelActivityTriggeredEvent.md)
@@ -56,35 +56,7 @@
         required:
           - conclusion
       persistentLogs:
-        _description: An array of persistent log files generated during
-          execution.
-        type: array
-        items:
-          type: object
-          properties:
-            mediaType:
-              _description: The [media type](https://en.wikipedia.org/wiki/Media_type)
-                of the URI's payload. Can be used to differentiate
-                between various representations of the same log, e.g.
-                text/html for human consumption and text/plain or application/json
-                for the machine-readable form.
-              type: string
-            name:
-              _description: The name of the log file.
-              type: string
-            tags:
-              _description: Arbitrary tags and keywords that describe
-                this log.
-              type: array
-              items:
-                type: string
-            uri:
-              _description: The URI at which the log can be retrieved.
-              type: string
-          required:
-            - name
-            - uri
-          additionalProperties: false
+        $ref: ../EiffelPersistentLogs/1.0.0.yml
       customData:
         type: array
         items:
@@ -156,6 +128,8 @@
       types:
         - EiffelFlowContextDefinedEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.0
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u schemas/EiffelActivityFinishedEvent/4.0.0.json schemas/EiffelActivityFinishedEvent/4.1.0.json
 defini--- schemas/EiffelActivityFinishedEvent/4.0.0.json       2024-08-09 16:07:09.263660996 +0200
+++ schemas/EiffelActivityFinishedEvent/4.1.0.json      2024-08-09 16:07:09.343660995 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -173,6 +173,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u definitions/EiffelArtifactCreatedEvent/4.0.0.yml definitions/EiffelArtifactCreatedEvent/4.0.1.yml
--- definitions/EiffelArtifactCreatedEvent/4.0.0.yml    2024-08-09 16:01:20.403664837 +0200
+++ definitions/EiffelArtifactCreatedEvent/4.0.1.yml    2024-08-09 16:06:46.483661247 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelArtifactCreatedEvent
-_version: 4.0.0
+_version: 4.0.1
 _abbrev: ArtC
 _description: The EiffelArtifactCreatedEvent declares that a software
   artifact has been created, what its coordinates are, what it contains
@@ -55,34 +55,7 @@
               items:
                 type: string
             integrityProtection:
-              _description: An optional object containing a digest of
-                the file's contents, i.e. a checksum, computed using
-                the specified algorithm.
-              type: object
-              properties:
-                alg:
-                  _description: The cryptographic algorithm used to compute
-                    the digest of the file's contents.
-                  _format: One of the hash algorithms listed in section 1 of
-                    [NIST FIPS 180-4](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf),
-                    excluding "SHA-1".
-                  type: string
-                  enum:
-                    - SHA-224
-                    - SHA-256
-                    - SHA-384
-                    - SHA-512
-                    - SHA-512/224
-                    - SHA-512/256
-                digest:
-                  _description: The digest of the file contents.
-                  _format: A lowercase string of hexadecimal digits.
-                  type: string
-                  pattern: ^[0-9a-f]+$
-              required:
-                - alg
-                - digest
-              additionalProperties: false
+              $ref: ../EiffelIntegrityProtection/1.0.0.yml
           required:
             - name
           additionalProperties: false
@@ -214,6 +187,8 @@
       types:
         - EiffelArtifactCreatedEvent
 _history:
+  - version: 4.0.1
+    changes: Use common fragment for Integrity Protection.
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.0
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u schemas/EiffelArtifactCreatedEvent/4.0.0.json schemas/EiffelArtifactCreatedEvent/4.0.1.json
--- schemas/EiffelArtifactCreatedEvent/4.0.0.json       2024-08-09 16:07:11.303660973 +0200
+++ schemas/EiffelArtifactCreatedEvent/4.0.1.json       2024-08-09 16:07:11.383660972 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.0.1"
           ],
-          "default": "4.0.0"
+          "default": "4.0.1"
         },
         "time": {
           "type": "integer"
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u definitions/EiffelTestCaseFinishedEvent/4.0.0.yml definitions/EiffelTestCaseFinishedEvent/4.1.0.yml
--- definitions/EiffelTestCaseFinishedEvent/4.0.0.yml   2024-08-09 15:58:45.703666540 +0200
+++ definitions/EiffelTestCaseFinishedEvent/4.1.0.yml   2024-08-09 15:58:45.763666539 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelTestCaseFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: TCF
 _description: |-
   The EiffelTestCaseFinishedEvent declares that a previously started test case (declared by [EiffelTestCaseStartedEvent](./EiffelTestCaseStartedEvent.md)) has finished and reports the outcome.
@@ -90,35 +90,7 @@
           - conclusion
         additionalProperties: false
       persistentLogs:
-        _description: An array of persistent log files generated during
-          execution.
-        type: array
-        items:
-          type: object
-          properties:
-            mediaType:
-              _description: The [media type](https://en.wikipedia.org/wiki/Media_type)
-                of the URI's payload. Can be used to differentiate
-                between various representations of the same log, e.g.
-                text/html for human consumption and text/plain or application/json
-                for the machine-readable form.
-              type: string
-            name:
-              _description: The name of the log file.
-              type: string
-            tags:
-              _description: Arbitrary tags and keywords that describe
-                this log.
-              type: array
-              items:
-                type: string
-            uri:
-              _description: The URI at which the log can be retrieved.
-              type: string
-          required:
-            - name
-            - uri
-          additionalProperties: false
+        $ref: ../EiffelPersistentLogs/1.0.0.yml
       customData:
         type: array
         items:
@@ -190,6 +162,8 @@
       types:
         - EiffelTestCaseTriggeredEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.1
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u schemas/EiffelTestCaseFinishedEvent/4.0.0.json schemas/EiffelTestCaseFinishedEvent/4.1.0.json
--- schemas/EiffelTestCaseFinishedEvent/4.0.0.json      2024-08-09 16:07:17.053660910 +0200
+++ schemas/EiffelTestCaseFinishedEvent/4.1.0.json      2024-08-09 16:07:17.143660909 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -199,6 +199,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u definitions/EiffelTestSuiteFinishedEvent/4.0.0.yml definitions/EiffelTestSuiteFinishedEvent/4.1.0.yml
--- definitions/EiffelTestSuiteFinishedEvent/4.0.0.yml  2024-08-09 16:01:20.353664837 +0200
+++ definitions/EiffelTestSuiteFinishedEvent/4.1.0.yml  2024-08-09 15:58:45.733666540 +0200
@@ -15,7 +15,7 @@
 ---
 $schema: https://json-schema.org/draft/2020-12/schema#
 _name: EiffelTestSuiteFinishedEvent
-_version: 4.0.0
+_version: 4.1.0
 _abbrev: TSF
 _description: |-
   The EiffelTestSuiteFinishedEvent declares that a previously started test suite (declared by [EiffelTestSuiteStartedEvent](./EiffelTestSuiteStartedEvent.md)) has finished and reports the outcome.
@@ -64,35 +64,7 @@
             type: string
         additionalProperties: false
       persistentLogs:
-        _description: An array of persistent log files generated during
-          execution.
-        type: array
-        items:
-          type: object
-          properties:
-            mediaType:
-              _description: The [media type](https://en.wikipedia.org/wiki/Media_type)
-                of the URI's payload. Can be used to differentiate
-                between various representations of the same log, e.g.
-                text/html for human consumption and text/plain or application/json
-                for the machine-readable form.
-              type: string
-            name:
-              _description: The name of the log file.
-              type: string
-            tags:
-              _description: Arbitrary tags and keywords that describe
-                this log.
-              type: array
-              items:
-                type: string
-            uri:
-              _description: The URI at which the log can be retrieved.
-              type: string
-          required:
-            - name
-            - uri
-          additionalProperties: false
+        $ref: ../EiffelPersistentLogs/1.0.0.yml
       customData:
         type: array
         items:
@@ -157,6 +129,8 @@
       types:
         - EiffelTestSuiteStartedEvent
 _history:
+  - version: 4.1.0
+    changes: Add `data.persistentLogs.integrityProtection.{alg, digest}` (see  [Issue 358](https://github.com/eiffel-community/eiffel/issues/358)).
   - version: 4.0.0
     changes: Update meta schema to Draft 2020-12 and add link validation.
   - version: 3.3.1
(venv) emalinn@E-5CG1504MQG:~/github/forks/eiffel$ diff -u schemas/EiffelTestSuiteFinishedEvent/4.0.0.json schemas/EiffelTestSuiteFinishedEvent/4.1.0.json
--- schemas/EiffelTestSuiteFinishedEvent/4.0.0.json     2024-08-09 16:07:19.663660881 +0200
+++ schemas/EiffelTestSuiteFinishedEvent/4.1.0.json     2024-08-09 16:07:19.733660880 +0200
@@ -18,9 +18,9 @@
         "version": {
           "type": "string",
           "enum": [
-            "4.0.0"
+            "4.1.0"
           ],
-          "default": "4.0.0"
+          "default": "4.1.0"
         },
         "time": {
           "type": "integer"
@@ -178,6 +178,31 @@
               },
               "uri": {
                 "type": "string"
+              },
+              "integrityProtection": {
+                "type": "object",
+                "properties": {
+                  "alg": {
+                    "type": "string",
+                    "enum": [
+                      "SHA-224",
+                      "SHA-256",
+                      "SHA-384",
+                      "SHA-512",
+                      "SHA-512/224",
+                      "SHA-512/256"
+                    ]
+                  },
+                  "digest": {
+                    "type": "string",
+                    "pattern": "^[0-9a-f]+$"
+                  }
+                },
+                "required": [
+                  "alg",
+                  "digest"
+                ],
+                "additionalProperties": false
               }
             },
             "required": [
m-linner-ericsson commented 3 weeks ago

Sigh, I could've sworn I made a comment about this last week but somehow it slipped my mind (or it's a draft comment in a browser tab somwhere), but: The current convention is to have a "Property" suffix for subschemas:

$ ls definitions | grep -v 'Event'
EiffelCustomDataProperty/
EiffelMetaProperty/

Apart from consistency it can help SDK generators.

Fixed in 73d2880. EiffelEventLink does not follow the pattern but that change is probably better done in a separate PR.