-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce a regional-service
module
#328
Conversation
regional-service
module
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we rename regional-go-service and have it accept image||source?
I really don't want to keep more things in sync with the containers type (we already need to for cron and bots, and it sucks)
d6c0d2e
to
66dea10
Compare
@imjasonh we can discuss it, but I worry that optionality will add a bunch of validation complexity (for the I also suspect that the The complexity and inability to share are annoying, but I also think that the types are intentionally divergent across these use cases. |
Signed-off-by: Matt Moore <[email protected]>
When we have this, what's the benefit of regional-go-service beyond being a wrapper for a single ko_build and this? I really don't want to have to think of two things every time we add support for something to one or the other. |
I would say that generally you don’t have to think of both because one calls the other. You reviewed this before I could push that commit from the crap airplane WiFi (I ultimately had to wait until I got to my hotel). In terms of the value, today it’s N ko builds, N cosign signs, and eliminating the need to declare those “required providers” in virtually every downstream module we have, which adds up fast. However, this is also a place where we haven’t gone as deep as I’d like either. We still can’t attest SBOMs with ko, or do any sort of SLSA provenance attestation. We should also add in a signature verification check on the base image. |
No description provided.