Skip to content

[DRAFT] Add RekorV2Client #1400

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 21 commits into
base: main
Choose a base branch
from
Draft

[DRAFT] Add RekorV2Client #1400

wants to merge 21 commits into from
+1,125 −41

Conversation

ramonpetgrave64
Copy link
Contributor

@ramonpetgrave64 ramonpetgrave64 commented May 20, 2025
edited
Loading

Client support for Rekor V2: sigstore-python #289

Summary

Adds a new RekorV2Client class, for use as a library, not yet within the CLI.

With the same pending TODOs in #1387

  • We are embedding the auto-generated types until we can find a home for them

Testing

  • Unit tests that call live instances of RekorV2, only "alpha" for now
  • Lints are not yet expected to pass, mainly due to type hints on the copy-pasted auto-generated types.

TODOS

  • add more client methods: get_tile, get_entry_bundle, get_checkpoint.
  • enable testing against more instances: staging, prod, local
  • add extra assert in test after improve KindVersion compatibility #1370
  • use these types in sigstore/protobuf-specs when ready (hopefully this week of May 19, 2025)
  • remove workaround where the ...V_0_0_2 is changed to ...V002
  • prefer sending the certificate, rather than the public key to Rekor

Release Note

  • Added a RekorV2Client for posting new entries to a Rekor V2 instance.

Documentation

TODO

@ramonpetgrave64
add RekorV2Client and types
376361a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add rekorv2 client + tests
2983b4a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add lots of docstrings
3f94e7a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
xfail on local and staging
d043256 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add cahngelog
1a55117 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
Merge branch 'main' into rekov2-client
65ecf4e
@ramonpetgrave64 ramonpetgrave64 changed the title Add RekorV2Client [DRAFT] Add RekorV2Client May 20, 2025
jku
jku reviewed May 21, 2025
View reviewed changes
@ramonpetgrave64
remove staging and production methods
3730364 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add @pytest.mark.ambient_oidc
1e78607 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
send the cert, not only the public key
53c9113 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
abstract the signer fixture
79f967c 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
reorganize fixtures
832f87d 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
add tiemout
e6a6fe3 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
This was referenced May 21, 2025
Closed
Open
@ramonpetgrave64
Merge branch 'main' into rekov2-client
c546aea
@ramonpetgrave64
no V002 workaround
5baeb8f 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
merge updates
4b2a03a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
no V002 workaround
73eaf0e 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
regorganize tests
34043a2 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
use new methods for building requests
a733d5a 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
changelog
90d8244 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
cleanup comment
b49d8a7 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64
future import
80422f2 
Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this pull request May 23, 2025
Draft
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ramonpetgrave64 @jku