search

sigstore / policy-controller

Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Other
123 stars 54 forks source link

Clean up the CTLog vs TLog confusion in the API. #442

Open vaikas opened 1 year ago

vaikas commented 1 year ago

Description

Due to a series of unfortunate events the field name that points to Transparency Log (aka, Rekor) is incorrectly / confusingly called CTLog: https://github.com/sigstore/policy-controller/blob/main/pkg/apis/policy/v1alpha1/clusterimagepolicy_types.go#L113

The internal field name is CTLog, and the json field is ctlog, and it really should be called TLog. This is confusing because there is a CTLog (that Fulcio points to and writes to).

We should make this a change in the next API rev, including the proper conversions, etc.

Version v1alpha1, v1beta1

hectorj2f commented 1 year ago

Indeed this creates confusion when looking at the SigstoreKeys fields in comparison with the names for the ClusterImagePolicy spec.