docs: add evidence transformation pipeline documentation #2510
ah bummer my workflow didn't have a gpg key setup
migmartri
left a comment
Thanks @anoncam for the contribution.
Something worth mentioning is that we now have a CLI command that allows you to see the transformed input.
For example, this is the result of running it against our test-coverage policy; you'll notice a debug_info.inputs where the transformed jacoco is.
chainloop policy devel eval --policy policy.yaml --material ../integration-tests/materials/jacoco.xml --debug
WRN API contacted in insecure mode
{
  "result": {
    "violations": [
      "minimum coverage not reached: 25%, required: 80%"
    ],
    "skip_reasons": [],
    "skipped": false
  },
  "debug_info": {
    "inputs": [
      {
        "args": {
          "counter": "INSTRUCTION",
          "threshold": "80"
        },
        "chainloop_metadata": {
          "annotations": {
            "chainloop.material.cas.inline": true,
            "chainloop.material.name": "auto-detected-material",
            "chainloop.material.type": "JACOCO_XML"
          },
          "content": "REDACTED-BASE64",
          "digest": {
            "sha256": "6e5a5e079b0775a7cec76dff9afb6cefb25a3b25d9b38c1fb6dd683141f1eb38"
          },
          "name": "jacoco.xml"
        },
@anoncam please make sure your commits are signed, thanks!
Yeah I'm embarrassed by that oversight. I could overly explain it but instead will sign my commits in the future. Do you need me to reopen this with a signed commit?
No worries! It happens to me all the time. Could you amend your commit re-signing it + force pushing it?
Document how JUnit and Jacoco evidence types are transformed before being injected into the policy engine. This addresses issue chainloop-dev#2183 which requested documentation of the transformation process for non-JSON evidence types.

The documentation covers:
- Complete transformation pipeline architecture with flow diagram
- JUnit XML transformation process and JSON output structure
- Jacoco XML transformation process and coverage metrics
- Policy engine integration via GetEvaluableContent function
- Practical Rego policy examples for both evidence types
- Guide for adding new evidence types to the system
- Performance, security, and error handling considerations
- Complete reference of key implementation files

Signed-off-by: Cyrus AI <cyrus@ai.assistant>
79063b3 to 93c9550
Document how JUnit and Jacoco evidence types are transformed before being injected into the policy engine. This addresses issue #2183 which requested documentation of the transformation process for non-JSON evidence types.
The documentation covers: