search

in-toto / specification

Specification and other related documents.
https://in-toto.io
MIT License
40 stars 26 forks source link

Pseudocode for MATCH rule indicates that source and destination patterns can be distinct #19

Closed adityasaky closed 1 year ago

adityasaky commented 5 years ago

The pseudocode currently reads:

source_artifacts_filtered = filter(rule.source_prefix + rule.source_pattern,
                                   source_materials_or_products_set)

destination_artifacts_filtered = \
    filter(rule.destination_prefix + rule.destination_pattern,
             destination_materials_or_products_set)

This should become:

source_artifacts_filtered = filter(rule.source_prefix + rule.pattern,
                                   source_materials_or_products_set)

destination_artifacts_filtered = \
    filter(rule.destination_prefix + rule.pattern,
             destination_materials_or_products_set)

The in-toto specification currently allows for IN clauses to allow for relocation, but not renaming of artifacts as shown by the statement:

The "IN <prefix>" clauses are optional, and they are used to match products and materials whose path differs from the one presented in the destination step. This is the case for steps that relocate files as part of their tasks. For example "MATCH foo IN lib WITH PRODUCT IN build/lib FROM compilation" will ensure that the file "lib/foo" matches "build/lib/foo" from the compilation step.

adityasaky commented 1 year ago

d445e65