From dd2703be779062db6ccb60977ec2981ebd1e07bc Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Mon, 13 Nov 2023 14:18:25 +0000 Subject: [PATCH 1/9] Add CODEOWNERS file The CODEOWNERS file can be parsed by GitHub to suggest reviewers for PRs. The actual permsissions are defined in the GitHub configuration. More details about maintainers and emeritus are tracked as comment. Signed-off-by: Andrea Frittoli --- CODEOWNERS | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..634c12bb --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,11 @@ +# Maintainers table +# | Full Name | Company | GitHub | +# |-------------------|:----------:|----------------------------------------------------------------| +# | Emil Bäckmark | Ericsson | [@e-backmark-ericsson](https://github.com/e-backmark-ericsson) | +# | Andrea Frittoli | IBM | [@afrittoli](https://github.com/afrittoli) | + +# Emeritus maintainers (must be in a comment) +# Note yet + +# Repo maintainers +* @cdevents/spec-maintainers From a2a3aab7f2e2f8e67822101ac0b495e92b36d5e0 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Mon, 11 Dec 2023 15:53:36 +0000 Subject: [PATCH 2/9] Update the governance reference in README Signed-off-by: Andrea Frittoli --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2f0a1778..5713b99a 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,5 @@ guidelines. ### Governance -The project has been started by the CDF -[SIG Events](https://github.com/cdfoundation/sig-events) and is currently -[governed](https://github.com/cdevents/community/blob/main/governance.md) by a few members of the SIG. +The project has been started by the CDF [SIG Events](https://github.com/cdfoundation/sig-events). +Its governance is [documented in the community repository](https://github.com/cdevents/community/blob/main/governance.md). From a3c8d2c28efd12f928249b55be9656687ce9a947 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Mon, 11 Dec 2023 15:35:42 +0000 Subject: [PATCH 3/9] Add Ben as spec maintainer Signed-off-by: Andrea Frittoli --- CODEOWNERS | 1 + 1 file changed, 1 insertion(+) diff --git a/CODEOWNERS b/CODEOWNERS index 634c12bb..021631ab 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -3,6 +3,7 @@ # |-------------------|:----------:|----------------------------------------------------------------| # | Emil Bäckmark | Ericsson | [@e-backmark-ericsson](https://github.com/e-backmark-ericsson) | # | Andrea Frittoli | IBM | [@afrittoli](https://github.com/afrittoli) | +# | Ben Powell | Apple | [@xibz](https://github.com/xibz) | # Emeritus maintainers (must be in a comment) # Note yet From c7be12c88222c666b84f7cd4b60b3d0843ac1683 Mon Sep 17 00:00:00 2001 From: Tetsuya Kikuchi <97105818+t-kikuc@users.noreply.github.com> Date: Tue, 2 Jan 2024 23:50:31 +0900 Subject: [PATCH 4/9] Fix typos in doc (#177) Signed-off-by: t-kikuc --- continuous-integration.md | 4 ++-- core.md | 2 +- source-code-version-control.md | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/continuous-integration.md b/continuous-integration.md index a487c973..34daf71c 100644 --- a/continuous-integration.md +++ b/continuous-integration.md @@ -14,7 +14,7 @@ Continuous Integration (CI) events include the subject and predicates related to ## Subjects -This specification defines three subjects in this stage: `builds`, `artifacts` and `tests`. Events associated with these subjects are typically generated either by a CI system that orchestrates the process or by a specific build or test tool directly. Some artifact events may be generated by the system that stores the artifact as well. +This specification defines two subjects in this stage: `build` and `artifact`. Events associated with these subjects are typically generated either by a CI system that orchestrates the process or by a specific build or test tool directly. Some artifact events may be generated by the system that stores the artifact as well. | Subject | Description | Predicates | |---------|-------------|------------| @@ -27,7 +27,7 @@ This specification defines three subjects in this stage: `builds`, `artifacts` a A `build` is a process that uses a recipe to produce an artifact from source code. -__Note:__ The data model for `builds`, apart from `id` and `source`, only includes the identifier of the artifact produced by the build. The inputs to the build process are not specified yet. +__Note:__ The data model for `build`, apart from `id` and `source`, only includes the identifier of the artifact produced by the build. The inputs to the build process are not specified yet. | Field | Type | Description | Examples | |-------|------|-------------|----------| diff --git a/core.md b/core.md index 33be5a5f..190a07ac 100644 --- a/core.md +++ b/core.md @@ -16,7 +16,7 @@ Core events are at the lower level of abstraction in the dictionary: they descri ## Subjects In the context of Continuous Delivery, a *pipeline* is the definition of a set of *tasks* that needs to be performed to build, test, package, release and deploy software artifacts. -The definition of *pipelines* and *tasks* is an authoring process, and has no event associated to it. CDEvents identifies two [*subjects*](./spec/README.md), [`pipelineRun`](#pipelinerun) and [`taskRun`](#taskrun), which are the runtime counterparts of *pipelines* and *tasks*. +The definition of *pipelines* and *tasks* is an authoring process, and has no event associated to it. CDEvents identifies two [*subjects*](spec.md#subject), [`pipelineRun`](#pipelinerun) and [`taskRun`](#taskrun), which are the runtime counterparts of *pipelines* and *tasks*. | Subject | Description | Predicates | |---------|-------------|------------| diff --git a/source-code-version-control.md b/source-code-version-control.md index f164c9c8..f224c348 100644 --- a/source-code-version-control.md +++ b/source-code-version-control.md @@ -14,7 +14,7 @@ Source Code Control events includes the subjects and predicates related to chang ## Subjects -This specification defines two subjects in this stage: `repository` and `change`. Events associated with these subjects are triggered by actions performed by software developers or bots that provide useful automation for software developers. +This specification defines three subjects in this stage: `repository`, `branch`, and `change`. Events associated with these subjects are triggered by actions performed by software developers or bots that provide useful automation for software developers. | Subject | Description | Predicates | |---------|-------------|------------| From f7659a022554ceedc7459608bd85251182b94a91 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Tue, 28 Nov 2023 11:36:32 +0000 Subject: [PATCH 5/9] Document and enforce spelling policy Define spelling for docs and spec as en_US. Add a CI job to enforce that and fix a couple of inconsistent spellings. A custom dictionary is maintained at .spellcheck-en-custom.txt Signed-off-by: Andrea Frittoli --- .github/workflows/main.yml | 10 +- .spellcheck-en-custom.txt | 239 +++++++++++++++++++++++++++++++++++++ .spellcheck.yml | 11 ++ core.md | 8 +- spec.md | 5 + testing-events.md | 4 +- 6 files changed, 270 insertions(+), 7 deletions(-) create mode 100644 .spellcheck-en-custom.txt create mode 100644 .spellcheck.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3949613b..224b15fc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -33,7 +33,7 @@ jobs: VALIDATE_MARKDOWN: true jsonschema: - name: Validate examples + name: Validate Examples runs-on: ubuntu-latest steps: @@ -47,3 +47,11 @@ jobs: - name: Validate Examples run: ./tools/verify-examples.sh + + spellcheck: + name: Spellcheck (en_US) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: igsekor/pyspelling-any@v0.0.2 + name: Spellcheck \ No newline at end of file diff --git a/.spellcheck-en-custom.txt b/.spellcheck-en-custom.txt new file mode 100644 index 00000000..2111a88c --- /dev/null +++ b/.spellcheck-en-custom.txt @@ -0,0 +1,239 @@ +Auth +BD +CDEvent +CDEvents +CDF +CVE +CamelCase +CloudEvent +CloudEvents +Enum +FHbGphQ +FidWxhcnkgZGVmaW +Gerrit +Github +Gitlab +JSON +JXRmtaU +JoY +KH +KyjITcZXHotdMB +MEYCIQCBT +MergeRequest +MnY +MyPipeline +NGua +NIST +NZSh +Notational +PGRhdGE +PullRequest +QXFaWFpsYm +README +RIbHdaWE +RZ +RhdGE +SCM +SDKs +SIG +SKZ +SRE +Schemas +Tekton +TestOrg +TestRepo +TestSuite +URI +UUID +VGhlIHZvY +VZ +ViamVjdHMqCg +VkdobElIWnZZMkZpZFd +Whitepaper +WmlBcWMzVmlhbVZqZEhNcUNnPT +XiQlc +ZtYVc +aGNua +aGljaCBhcmUgbWFkZSBvZiAqc +aWhyZjVwb +aa +abc +abcde +aca +additionalProperties +aed +american +anUyNDRvazdkdWpfMjAyMjAyMjJUMTYwMDAwWiBhbmRyZWEuZnJpdHRvbGlAbQ +andrea +api +apis +artifactId +bGN +bd +bml +br +cSpell +cardpane +cb +cbdf +ccb +cd +cdeliveryfdn +cdevent +cdevents +cdfoundation +cdsystem +ce +charset +ci +cloudevents +clusterA +contentEncoding +contenttype +csrc +customData +customDataContentType +customDataEncoding +customdata +customdatacontenttype +daR +daemonset +datacontenttype +dataschema +datatracker +dbe +de +deterministically +dev +df +ece +emmitted +english +enum +eventdata +fas +fc +fd +featureBranch +frittoli +geo +github +githubusercontent +gmail +golang +href +html +http +https +iaas +ietf +img +interoperable +io +jenkins +json +jsonschemas +keptn +knative +lcyAqZXZlbnQgdHlwZXMqLCB +lifecycle +linkTitle +markdownlint +md +metricA +minLength +modelled +myApp +myChange +myPipeline +mySubject +myTask +myTestCaseRun +myTestSuiteRun +myapp +mycluster +mycr +mydata +mygit +myorg +myvalue +nWith +namespace +namespaceB +namespaces +nist +nnnn +notational +observability +oci +oneOf +outputType +param +pdf +pipelineName +pipelineRun +pipelinerun +png +pre +py +quicktime +repo +reportedBy +responseTime +rfc +rolledback +rst +runtime +schemas +scp +sdk +sha +sig +sigs +somewherelse +specversion +src +subjectid +svg +taskName +taskRun +taskrun +taskruns +teamX +tekton +testCase +testCaseRun +testCaseRuns +testEnv +testOutput +testSuite +testSuiteRun +testSuiteRuns +testSuiteXXX +testcase +testcaserun +testkube +testoutput +testrunreport +testsuite +testsuiterun +ticketURI +tmeid +tmsrc +toc +typesystem +unitest +uri +url +userId +utf +viewUrl +whl +wikipedia +wpaper +www +xTENCM +xml +ypDXWCjlNKfzTV +yshmiPmp +znnSMNkQIhAJ diff --git a/.spellcheck.yml b/.spellcheck.yml new file mode 100644 index 00000000..e9c18a70 --- /dev/null +++ b/.spellcheck.yml @@ -0,0 +1,11 @@ +matrix: +- name: all + aspell: + lang: en + d: en_US + sources: + - "**/*.md" + - "**/*.json|!.github" + dictionary: + wordlists: + - .spellcheck-en-custom.txt diff --git a/core.md b/core.md index 190a07ac..116d66e0 100644 --- a/core.md +++ b/core.md @@ -38,7 +38,7 @@ track the build and release progress on a particular software artifact. | pipelineName | `String` | The name of the pipeline | `MyPipeline`, `Unit tests for my repo` | | outcome | `String` | outcome of a finished `pipelineRun` | `success`, `error` or `failure`| | url | `URI` | url to the `pipelineRun` | `https://dashboard.org/namespace/pipelinerun-1234`, `https://api.cdsystem.com/namespace/pipelinerun-1234` | -| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `pipelineRun cancelled by user`, `Unit tests failed`| +| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `pipelineRun canceled by user`, `Unit tests failed`| ### `taskRun` @@ -58,7 +58,7 @@ associated, in which case it is acceptable to generate only taskRun events. | pipelineRun | `Object` ([`pipelineRun`](#pipelinerun)) | The `pipelineRun` that this `taskRun` belongs to. | `{"id": "namespace/pipelinerun-1234"}`| | outcome | `String` | outcome of a finished `taskRun` | `success`, `error` or `failure`| | url | `URI` | url to the `taskRun` | `https://dashboard.org/namespace/taskrun-1234`, `https://api.cdsystem.com/namespace/taskrun-1234` | -| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `taskRun cancelled by user`, `Unit tests failed`| +| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `taskRun canceled by user`, `Unit tests failed`| ## Events @@ -112,7 +112,7 @@ A pipelineRun has finished, successfully or not. | pipelineName | `String` | The name of the pipeline | `MyPipeline`, `Unit tests for my repo` | | | url | `URI` | url to the `pipelineRun` | `https://dashboard.org/namespace/pipelinerun-1234`, `https://api.cdsystem.com/namespace/pipelinerun-1234` | | | outcome | `String (enum)` | outcome of a finished `pipelineRun` | `success`, `error` or `failure`| | -| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `pipelineRun cancelled by user`, `Unit tests failed`| | +| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `pipelineRun canceled by user`, `Unit tests failed`| | ### [`taskRun Started`](examples/taskrun_started.json) @@ -148,4 +148,4 @@ A taskRun has finished, successfully or not. | pipelineRun | `Object` ([`pipelineRun`](#pipelinerun)) | The `pipelineRun` that this `taskRun` belongs to. | `{"id": "namespace/pipelinerun-1234"}`| | | url | `URI` | url to the `taskRun` | `https://dashboard.org/namespace/taskrun-1234`, `https://api.cdsystem.com/namespace/taskrun-1234` | | | outcome | `String (enum)` | outcome of a finished `taskRun` | `success`, `error` or `failure`| | -| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `taskRun cancelled by user`, `Unit tests failed`| | +| errors | `String` | In case of error or failed pipeline, provides details about the failure | `Invalid input param 123`, `Timeout during execution`, `taskRun canceled by user`, `Unit tests failed`| | diff --git a/spec.md b/spec.md index 0c748c4e..61698d9d 100644 --- a/spec.md +++ b/spec.md @@ -82,6 +82,11 @@ The specification is structured in two main parts: For an introduction see the [CDEvents README](README.md) and for more background information please see our [CDEvents primer](https://cdevents.dev/docs/primer/). +## Spelling + +CDEvents adopt american english ("en_US") as dictionary for spelling both in the +specification as well as in the documentation. + ## Notations and Terminology ### Notational Conventions diff --git a/testing-events.md b/testing-events.md index 0bb2c62b..00661908 100644 --- a/testing-events.md +++ b/testing-events.md @@ -115,7 +115,7 @@ This event represents a finished testCase execution. The event will contain the | testSuiteRun | `Object` [`testSuiteRun`](#testsuiterun) | A testSuiteRun to associate this testCaseRun with a containing testSuiteRun | `{"id":"Auth-TestSuite-execution-12334", "source": "staging/testkube"}` | | | outcome | `String (enum)` | The outcome of the testSuite execution, one of `pass`, `fail`, `cancel`, `error` | `pass` | ✅ | | severity | `String (enum)` | Severity if the test failed, one of `low`, `medium`, `high`, `critical` | `critical` | -| reason | `String` | A reason related to the outcome of the execution | `Cancelled by user`, `Failed assertion`, `Timed out` | | +| reason | `String` | A reason related to the outcome of the execution | `Canceled by user`, `Failed assertion`, `Timed out` | | ### [`testSuiteRun queued`](examples/testsuiterun_queued.json) @@ -165,7 +165,7 @@ This event represents a finished testSuite execution. The event will contain the | environment | `Object` [`environment`](continuous-deployment.md/#environment) | The environment in which this testSuiteRun was running | `{"id": "1234"}`, `{"id": "dev", "source": "testkube-dev-123"}` | ✅ | | outcome | `String (enum)` | The outcome of the testSuite execution, one of `pass`, `fail`, `cancel`, `error` | `fail` | ✅ | | severity | `String (enum)` | Severity if the test failed, one of `low`, `medium`, `high`, `critical` | `critical`, `low`, `medium`, `high` | -| reason | `String` | A reason related to the outcome of the execution | `Cancelled by user`, `Failed testCase` | | +| reason | `String` | A reason related to the outcome of the execution | `Canceled by user`, `Failed testCase` | | | testSuite | `Object` [`testSuite`](#testsuite) | Definition of the testSuite being executed | `{"id": "92834723894", "name": "Auth TestSuite"}` | | ### [`testOutput published`](examples/testoutput_published.json) From e66556b0e889782fff148fa35e52de7b1b37b051 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Fri, 12 Jan 2024 12:45:39 +0000 Subject: [PATCH 6/9] Refine the spelling configurartion Split spelling check of json and markdown files. For markdown add a context filter to ignore code blocks (inline and multiline). Enable url and camel case modes. Change the action to a different one, based on the same technology (pyspelling + aspell) as the current one does not support the came case mode. Signed-off-by: Andrea Frittoli --- .github/workflows/main.yml | 7 +- .spellcheck-en-custom.txt | 141 ------------------------------------- .spellcheck.yml | 30 +++++++- 3 files changed, 32 insertions(+), 146 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 224b15fc..1fe4058d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -52,6 +52,7 @@ jobs: name: Spellcheck (en_US) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: igsekor/pyspelling-any@v0.0.2 - name: Spellcheck \ No newline at end of file + - name: Checkout Code + uses: actions/checkout@v3 + - name: Spellcheck + uses: rojopolis/spellcheck-github-actions@0.35.0 diff --git a/.spellcheck-en-custom.txt b/.spellcheck-en-custom.txt index 2111a88c..cca0d6ca 100644 --- a/.spellcheck-en-custom.txt +++ b/.spellcheck-en-custom.txt @@ -1,215 +1,82 @@ Auth BD -CDEvent -CDEvents CDF CVE -CamelCase -CloudEvent -CloudEvents -Enum -FHbGphQ -FidWxhcnkgZGVmaW Gerrit Github Gitlab JSON -JXRmtaU -JoY KH KyjITcZXHotdMB MEYCIQCBT -MergeRequest -MnY -MyPipeline NGua NIST -NZSh Notational -PGRhdGE -PullRequest -QXFaWFpsYm README -RIbHdaWE -RZ -RhdGE SCM -SDKs SIG -SKZ SRE -Schemas Tekton -TestOrg TestRepo -TestSuite URI UUID -VGhlIHZvY -VZ -ViamVjdHMqCg -VkdobElIWnZZMkZpZFd -Whitepaper -WmlBcWMzVmlhbVZqZEhNcUNnPT XiQlc -ZtYVc -aGNua -aGljaCBhcmUgbWFkZSBvZiAqc -aWhyZjVwb -aa -abc -abcde -aca -additionalProperties -aed american -anUyNDRvazdkdWpfMjAyMjAyMjJUMTYwMDAwWiBhbmRyZWEuZnJpdHRvbGlAbQ -andrea -api -apis -artifactId -bGN -bd -bml br -cSpell cardpane -cb -cbdf -ccb -cd -cdeliveryfdn cdevent cdevents -cdfoundation -cdsystem ce charset -ci cloudevents -clusterA -contentEncoding contenttype -csrc -customData -customDataContentType -customDataEncoding customdata customdatacontenttype -daR -daemonset datacontenttype dataschema -datatracker -dbe -de deterministically dev -df -ece emmitted english enum eventdata fas fc -fd -featureBranch -frittoli geo -github -githubusercontent -gmail -golang href -html http -https iaas -ietf img interoperable -io jenkins json -jsonschemas -keptn -knative -lcyAqZXZlbnQgdHlwZXMqLCB lifecycle -linkTitle markdownlint md -metricA -minLength modelled -myApp -myChange -myPipeline -mySubject -myTask -myTestCaseRun -myTestSuiteRun -myapp -mycluster -mycr mydata -mygit -myorg myvalue -nWith namespace namespaceB -namespaces -nist nnnn notational observability -oci -oneOf -outputType param pdf -pipelineName -pipelineRun pipelinerun png pre -py quicktime -repo -reportedBy -responseTime rfc rolledback -rst runtime -schemas -scp -sdk -sha -sig -sigs somewherelse specversion src subjectid -svg -taskName -taskRun taskrun -taskruns -teamX tekton -testCase -testCaseRun -testCaseRuns testEnv -testOutput -testSuite -testSuiteRun -testSuiteRuns -testSuiteXXX testcase testcaserun testkube @@ -218,21 +85,13 @@ testrunreport testsuite testsuiterun ticketURI -tmeid -tmsrc toc typesystem -unitest uri url -userId utf viewUrl -whl -wikipedia wpaper -www -xTENCM xml ypDXWCjlNKfzTV yshmiPmp diff --git a/.spellcheck.yml b/.spellcheck.yml index e9c18a70..cd5a3568 100644 --- a/.spellcheck.yml +++ b/.spellcheck.yml @@ -1,11 +1,37 @@ matrix: -- name: all +- name: json aspell: lang: en d: en_US + camel-case: true + mode: url sources: - - "**/*.md" - "**/*.json|!.github" dictionary: wordlists: - .spellcheck-en-custom.txt +- name: markdown + aspell: + lang: en + d: en_US + camel-case: true + mode: url + sources: + - "**/*.md" + dictionary: + wordlists: + - .spellcheck-en-custom.txt + pipeline: + - pyspelling.filters.context: + context_visible_first: true + escapes: '\\[\\`~]' + delimiters: + # Ignore multiline content between fences (fences can have 3 or more back ticks) + # ``` + # content + # ``` + - open: '(?s)^(?P *`{3,})$' + close: '^(?P=open)$' + # Ignore text between inline back ticks + - open: '(?P`+)' + close: '(?P=open)' \ No newline at end of file From dac26c85ce84bcd10cdd94a88a522e48ea912c6f Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Mon, 15 Jan 2024 16:09:43 +0000 Subject: [PATCH 7/9] Add an SBOM URI field to artifact events (#171) * Add an SBOM URI field to artifact events Artifact packaged and/or published events may include a link to a published SBOM. Since there is no default storage location for such SBOM documents, CDEvents may help linking the artifact with its SBOM by including a link to the SBOM in the artifact events. Partially-addresses: #132 Signed-off-by: Andrea Frittoli --- continuous-integration.md | 20 ++++++++++++++++++-- examples/artifact_packaged.json | 5 ++++- examples/artifact_published.json | 8 ++++++-- schemas/artifactpackaged.json | 18 ++++++++++++++++-- schemas/artifactpublished.json | 21 ++++++++++++++++++--- tools/verify-examples.sh | 13 +++++++------ 6 files changed, 69 insertions(+), 16 deletions(-) diff --git a/continuous-integration.md b/continuous-integration.md index 34daf71c..59f43841 100644 --- a/continuous-integration.md +++ b/continuous-integration.md @@ -47,6 +47,7 @@ An `artifact` is usually produced as output of a build process. Events need to b | type | `String` | See [type](spec.md#type-subject) | `artifact` | | change | `object` | The change (tag, commit, revision) of the repository which was used to build the artifact" | `{"id": "527d4a1aca5e8d0df24813df5ad65d049fc8d312", "source": "my-git.example/an-org/a-repo"}`, `{"id": "feature1234", "source": "my-git.example/an-org/a-repo"}` | | signature | `string` | The signature of the artifact | `MEYCIQCBT8U5ypDXWCjlNKfzTV4KH516/SK13NZSh8znnSMNkQIhAJ3XiQlc9PM1KyjITcZXHotdMB+J3NGua5T/yshmiPmp` | +| sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | ## Events @@ -96,8 +97,9 @@ This event represents a Build task that has finished. This event will eventually ### [`artifact packaged`](examples/artifact_packaged.json) The event represents an artifact that has been packaged for distribution; this artifact is now versioned with a fixed version. +This event is usually produced by the build system. If an SBOM URI is available at this stage, it should be included. -- Event Type: __`dev.cdevents.artifact.packaged.0.1.1`__ +- Event Type: __`dev.cdevents.artifact.packaged.0.2.0-draft`__ - Predicate: packaged - Subject: [`artifact`](#artifact) @@ -107,12 +109,15 @@ The event represents an artifact that has been packaged for distribution; this a | source | `URI-Reference` | See [source](spec.md#source-subject) | | | | type | `String` | See [type](spec.md#type-subject) | `artifact` | | | change | `object` | The change (tag, commit, revision) of the repository which was used to build the artifact" | `{"id": "527d4a1aca5e8d0df24813df5ad65d049fc8d312", "source": "my-git.example/an-org/a-repo"}`, `{"id": "feature1234", "source": "my-git.example/an-org/a-repo"}` | ✅ | +| sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | | ### [`artifact published`](examples/artifact_published.json) The event represents an artifact that has been published and it can be advertised for others to use. +This event may be produced both by the build system and by the artifact registry that received the artifact. +If an SBOM was published and the SBOM URI is available at this stage, it should be included. -- Event Type: __`dev.cdevents.artifact.published.0.1.1`__ +- Event Type: __`dev.cdevents.artifact.published.0.2.0-draft`__ - Predicate: published - Subject: [`artifact`](#artifact) @@ -121,6 +126,7 @@ The event represents an artifact that has been published and it can be advertise | id | `Purl` | See [id](spec.md#id-subject) | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427?repository_url=mycr.io/myapp`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` | ✅ | | source | `URI-Reference` | See [source](spec.md#source-subject) | | | | type | `String` | See [type](spec.md#type-subject) | `artifact` | | +| sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | | ### [`artifact signed`](examples/artifact_signed.json) @@ -137,3 +143,13 @@ An artifact may be signed after it has been packaged or sometimes after it has p | source | `URI-Reference` | See [source](spec.md#source-subject) | | | | type | `String` | See [type](spec.md#type-subject) | `artifact` | | | signature | `string` | The signature of the artifact | `MEYCIQCBT8U5ypDXWCjlNKfzTV4KH516/SK13NZSh8znnSMNkQIhAJ3XiQlc9PM1KyjITcZXHotdMB+J3NGua5T/yshmiPmp` | ✅ | + +## Objects + +### `sbom` + +Several events reference a Software Bill of Materials (SBOM). In CDEvents SBOMs are represented via the `sbom` object, which is a reference to an externally hosted SBOM. The `sbom` object includes a single `uri` field, and is defined as an object to allow for more fields to be added in a backwards compatible manner in future. + +| Field | Type | Description | Examples | +|-------|------|-------------|----------| +| `uri` | `URI-Reference` | Link to an externally hosted SBOM. | `https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom` | \ No newline at end of file diff --git a/examples/artifact_packaged.json b/examples/artifact_packaged.json index c88744fa..238e20bb 100644 --- a/examples/artifact_packaged.json +++ b/examples/artifact_packaged.json @@ -3,7 +3,7 @@ "version": "0.4.0-draft", "id": "271069a8-fc18-44f1-b38f-9d70a1695819", "source": "/event/source/123", - "type": "dev.cdevents.artifact.packaged.0.1.1", + "type": "dev.cdevents.artifact.packaged.0.2.0-draft", "timestamp": "2023-03-20T14:27:05.315384Z" }, "subject": { @@ -14,6 +14,9 @@ "change": { "id": "myChange123", "source": "my-git.example/an-org/a-repo" + }, + "sbom": { + "uri": "https://sbom.repo/myorg/234fd47e07d1004f0aed9c.sbom" } } } diff --git a/examples/artifact_published.json b/examples/artifact_published.json index 43d94b74..854e2d96 100644 --- a/examples/artifact_published.json +++ b/examples/artifact_published.json @@ -3,13 +3,17 @@ "version": "0.4.0-draft", "id": "271069a8-fc18-44f1-b38f-9d70a1695819", "source": "/event/source/123", - "type": "dev.cdevents.artifact.published.0.1.1", + "type": "dev.cdevents.artifact.published.0.2.0-draft", "timestamp": "2023-03-20T14:27:05.315384Z" }, "subject": { "id": "pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c", "source": "/event/source/123", "type": "artifact", - "content": {} + "content": { + "sbom": { + "uri": "https://sbom.repo/myorg/234fd47e07d1004f0aed9c.sbom" + } + } } } diff --git a/schemas/artifactpackaged.json b/schemas/artifactpackaged.json index 27aca12b..e293f617 100644 --- a/schemas/artifactpackaged.json +++ b/schemas/artifactpackaged.json @@ -20,9 +20,9 @@ "type": { "type": "string", "enum": [ - "dev.cdevents.artifact.packaged.0.1.1" + "dev.cdevents.artifact.packaged.0.2.0-draft" ], - "default": "dev.cdevents.artifact.packaged.0.1.1" + "default": "dev.cdevents.artifact.packaged.0.2.0-draft" }, "timestamp": { "type": "string", @@ -77,6 +77,20 @@ "required": [ "id" ] + }, + "sbom": { + "properties": { + "uri": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "uri" + ] } }, "additionalProperties": false, diff --git a/schemas/artifactpublished.json b/schemas/artifactpublished.json index fc56f008..ae839a66 100644 --- a/schemas/artifactpublished.json +++ b/schemas/artifactpublished.json @@ -20,9 +20,9 @@ "type": { "type": "string", "enum": [ - "dev.cdevents.artifact.published.0.1.1" + "dev.cdevents.artifact.published.0.2.0-draft" ], - "default": "dev.cdevents.artifact.published.0.1.1" + "default": "dev.cdevents.artifact.published.0.2.0-draft" }, "timestamp": { "type": "string", @@ -59,7 +59,22 @@ "default": "artifact" }, "content": { - "properties": {}, + "properties": { + "sbom": { + "properties": { + "uri": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "uri" + ] + } + }, "additionalProperties": false, "type": "object" } diff --git a/tools/verify-examples.sh b/tools/verify-examples.sh index d7735363..522acbb6 100755 --- a/tools/verify-examples.sh +++ b/tools/verify-examples.sh @@ -44,20 +44,21 @@ go install github.com/neilpa/yajsv@v1.4.1 # - examples are subject_predicate.json # - schemas are subjectpredicate.json num_failed=0 -num_examples=$(ls "$EXAMPLES_FOLDER" | wc -l | awk '{ print $1 }') -for example in $(ls "$EXAMPLES_FOLDER"); do - SUBJECT_PREDICATE=$(basename $example .json) +num_examples=$(find "${EXAMPLES_FOLDER}" -type f -name '*json' | wc -l | awk '{ print $1 }') +for example in $(find "${EXAMPLES_FOLDER}" -type f -name '*json'); do + EXAMPLE_FILE=$(basename ${example}) + SUBJECT_PREDICATE=$(basename $EXAMPLE_FILE .json) splitArray=(${SUBJECT_PREDICATE//_/ }) SUBJECT=${splitArray[0]} PREDICATE=${splitArray[1]} - EXAMPLE_FILE=${EXAMPLES_FOLDER}/${example} SCHEMA_FILE=${SCHEMAS_FOLDER}/${SUBJECT}${PREDICATE}.json echo "==> $SUBJECT $PREDICATE" - yajsv -s "$SCHEMA_FILE" "$EXAMPLE_FILE" || num_failed=$(( num_failed + 1 )) + echo yajsv -s "$SCHEMA_FILE" "$example" + yajsv -s "$SCHEMA_FILE" "$example" || num_failed=$(( num_failed + 1 )) echo done if [ $num_failed -gt 0 ]; then echo "${num_failed} out of ${num_examples} examples failed validation" fi -exit $num_failed \ No newline at end of file +exit $num_failed From ba07b7640e7bc27bbe999f47e951a9a4b87ae84c Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Tue, 16 Jan 2024 13:50:09 +0000 Subject: [PATCH 8/9] Add user field to artifact events and download and delete events (#172) * Add artifact downloaded and deleted events Cleaned up some wrong references, left over when moving test events, added testing events to spec.md too. Partially-fixes: #143 Signed-off-by: Andrea Frittoli --- .spellcheck-en-custom.txt | 5 ++ continuous-integration.md | 56 +++++++++++++---- examples/artifact_deleted.json | 17 +++++ examples/artifact_downloaded.json | 17 +++++ examples/artifact_published.json | 3 +- schemas/artifactdeleted.json | 101 ++++++++++++++++++++++++++++++ schemas/artifactdownloaded.json | 101 ++++++++++++++++++++++++++++++ schemas/artifactpublished.json | 4 ++ spec.md | 7 ++- 9 files changed, 297 insertions(+), 14 deletions(-) create mode 100644 examples/artifact_deleted.json create mode 100644 examples/artifact_downloaded.json create mode 100644 schemas/artifactdeleted.json create mode 100644 schemas/artifactdownloaded.json diff --git a/.spellcheck-en-custom.txt b/.spellcheck-en-custom.txt index cca0d6ca..d340a061 100644 --- a/.spellcheck-en-custom.txt +++ b/.spellcheck-en-custom.txt @@ -13,6 +13,8 @@ NGua NIST Notational README +SBOM +SBOMs SCM SIG SRE @@ -54,6 +56,8 @@ lifecycle markdownlint md modelled +myapp +mybot mydata myvalue namespace @@ -70,6 +74,7 @@ quicktime rfc rolledback runtime +sbom somewherelse specversion src diff --git a/continuous-integration.md b/continuous-integration.md index 59f43841..06ccc86d 100644 --- a/continuous-integration.md +++ b/continuous-integration.md @@ -10,7 +10,7 @@ description: > --> # Continuous Integration Events -Continuous Integration (CI) events include the subject and predicates related to CI activities such as building software, producing artifacts and running tests. +Continuous Integration (CI) events include the subject and predicates related to CI activities such as [building software](#build), producing [artifacts](#artifact) and [running tests](./testing-events.md). ## Subjects @@ -19,7 +19,7 @@ This specification defines two subjects in this stage: `build` and `artifact`. E | Subject | Description | Predicates | |---------|-------------|------------| | [`build`](#build) | A software build | [`queued`](#build-queued), [`started`](#build-started), [`finished`](#build-finished)| -| [`artifact`](#artifact) | An artifact produced by a build | [`packaged`](#artifact-packaged), [`published`](#artifact-published), [`signed`](#artifact-signed)| +| [`artifact`](#artifact) | An artifact produced by a build | [`packaged`](#artifact-packaged), [`signed`](#artifact-signed), [`published`](#artifact-published), [`downloaded`](#artifact-downloaded)| > `testCase`/`testSuite` events have moved to their own top-level bucket [Testing Events](testing-events.md) @@ -48,6 +48,7 @@ An `artifact` is usually produced as output of a build process. Events need to b | change | `object` | The change (tag, commit, revision) of the repository which was used to build the artifact" | `{"id": "527d4a1aca5e8d0df24813df5ad65d049fc8d312", "source": "my-git.example/an-org/a-repo"}`, `{"id": "feature1234", "source": "my-git.example/an-org/a-repo"}` | | signature | `string` | The signature of the artifact | `MEYCIQCBT8U5ypDXWCjlNKfzTV4KH516/SK13NZSh8znnSMNkQIhAJ3XiQlc9PM1KyjITcZXHotdMB+J3NGua5T/yshmiPmp` | | sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | +| user | `string` | The user who performed the predicate on the artifact registry. [^user] | `mybot-myapp` | ## Events @@ -111,11 +112,26 @@ This event is usually produced by the build system. If an SBOM URI is available | change | `object` | The change (tag, commit, revision) of the repository which was used to build the artifact" | `{"id": "527d4a1aca5e8d0df24813df5ad65d049fc8d312", "source": "my-git.example/an-org/a-repo"}`, `{"id": "feature1234", "source": "my-git.example/an-org/a-repo"}` | ✅ | | sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | | +### [`artifact signed`](examples/artifact_signed.json) + +The event represents an artifact that has been signed. The signature is included in the events itself. +An artifact may be signed after it has been packaged or sometimes after it has published, depending on the tooling being used and the type of artifact. The `artifact signed` event is typically produced by the CI or build system. + +- Event Type: __`dev.cdevents.artifact.signed.0.1.0`__ +- Predicate: signed +- Subject: [`artifact`](#artifact) + +| Field | Type | Description | Examples | Required | +|-------|------|-------------|----------|----------------------------| +| id | `Purl` | See [id](spec.md#id-subject) | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427?repository_url=mycr.io/myapp`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` | ✅ | +| source | `URI-Reference` | See [source](spec.md#source-subject) | | | +| type | `String` | See [type](spec.md#type-subject) | `artifact` | | +| signature | `string` | The signature of the artifact | `MEYCIQCBT8U5ypDXWCjlNKfzTV4KH516/SK13NZSh8znnSMNkQIhAJ3XiQlc9PM1KyjITcZXHotdMB+J3NGua5T/yshmiPmp` | ✅ | + ### [`artifact published`](examples/artifact_published.json) The event represents an artifact that has been published and it can be advertised for others to use. -This event may be produced both by the build system and by the artifact registry that received the artifact. -If an SBOM was published and the SBOM URI is available at this stage, it should be included. +The `artifact published` event is typically produced by the artifact registry, but it may also be produced by the build system. - Event Type: __`dev.cdevents.artifact.published.0.2.0-draft`__ - Predicate: published @@ -126,15 +142,15 @@ If an SBOM was published and the SBOM URI is available at this stage, it should | id | `Purl` | See [id](spec.md#id-subject) | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427?repository_url=mycr.io/myapp`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` | ✅ | | source | `URI-Reference` | See [source](spec.md#source-subject) | | | | type | `String` | See [type](spec.md#type-subject) | `artifact` | | -| sbom | [`sbom`](#sbom) | The Software Bill of Material (SBOM) associated with the artifact | `{"uri": "https://sbom.storage.service/my-projects/3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427.sbom"}` | | +| user | `String` | The user who published to the artifact registry. [^user] | `mybot-myapp` | | -### [`artifact signed`](examples/artifact_signed.json) +### [`artifact downloaded`](examples/artifact_downloaded.json) -The event represents an artifact that has been signed. The signature is included in the events itself. -An artifact may be signed after it has been packaged or sometimes after it has published, depending on the tooling being used and the type of artifact. +The event represents an artifact that has been downloaded from the registry. +The `artifact downloaded` event is preferably produced by the artifact registry. -- Event Type: __`dev.cdevents.artifact.signed.0.1.0`__ -- Predicate: signed +- Event Type: __`dev.cdevents.artifact.downloaded.0.1.0-draft`__ +- Predicate: downloaded - Subject: [`artifact`](#artifact) | Field | Type | Description | Examples | Required | @@ -142,7 +158,25 @@ An artifact may be signed after it has been packaged or sometimes after it has p | id | `Purl` | See [id](spec.md#id-subject) | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427?repository_url=mycr.io/myapp`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` | ✅ | | source | `URI-Reference` | See [source](spec.md#source-subject) | | | | type | `String` | See [type](spec.md#type-subject) | `artifact` | | -| signature | `string` | The signature of the artifact | `MEYCIQCBT8U5ypDXWCjlNKfzTV4KH516/SK13NZSh8znnSMNkQIhAJ3XiQlc9PM1KyjITcZXHotdMB+J3NGua5T/yshmiPmp` | ✅ | +| user | `String` | The user who downloaded from the artifact registry. [^user] | `mybot-myapp` | | + +### [`artifact deleted`](examples/artifact_deleted.json) + +The event represents an artifact that has been deleted from an artifact registry. +The `artifact deleted` event is preferably produced by the artifact registry. + +- Event Type: __`dev.cdevents.artifact.deleted.0.1.0-draft`__ +- Predicate: deleted +- Subject: [`artifact`](#artifact) + +| Field | Type | Description | Examples | Required | +|-------|------|-------------|----------|----------------------------| +| id | `Purl` | See [id](spec.md#id-subject) | `pkg:oci/myapp@sha256%3A0b31b1c02ff458ad9b7b81cbdf8f028bd54699fa151f221d1e8de6817db93427?repository_url=mycr.io/myapp`, `pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c` | ✅ | +| source | `URI-Reference` | See [source](spec.md#source-subject) | | | +| type | `String` | See [type](spec.md#type-subject) | `artifact` | | +| user | `String` | The user who deleted from the artifact registry. [^user] | `mybot-myapp` | | + +[^user]: The actual format of `user` depends on the specific registry and authentication method used. If access to the artifact registry is obtained through a long lived token, this could be the name or description associated with the token at provisioning time. In case of an anonymous read operations, the user depends on the protocol used, a typically useful value would be the IP address of the client performing the read. ## Objects diff --git a/examples/artifact_deleted.json b/examples/artifact_deleted.json new file mode 100644 index 00000000..a4536829 --- /dev/null +++ b/examples/artifact_deleted.json @@ -0,0 +1,17 @@ +{ + "context": { + "version": "0.4.0-draft", + "id": "271069a8-fc18-44f1-b38f-9d70a1695819", + "source": "/event/source/123", + "type": "dev.cdevents.artifact.deleted.0.1.0-draft", + "timestamp": "2023-03-20T14:27:05.315384Z" + }, + "subject": { + "id": "pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c", + "source": "/event/source/123", + "type": "artifact", + "content": { + "user": "mybot-myapp" + } + } +} diff --git a/examples/artifact_downloaded.json b/examples/artifact_downloaded.json new file mode 100644 index 00000000..94d0f718 --- /dev/null +++ b/examples/artifact_downloaded.json @@ -0,0 +1,17 @@ +{ + "context": { + "version": "0.4.0-draft", + "id": "271069a8-fc18-44f1-b38f-9d70a1695819", + "source": "/event/source/123", + "type": "dev.cdevents.artifact.downloaded.0.1.0-draft", + "timestamp": "2023-03-20T14:27:05.315384Z" + }, + "subject": { + "id": "pkg:golang/mygit.com/myorg/myapp@234fd47e07d1004f0aed9c", + "source": "/event/source/123", + "type": "artifact", + "content": { + "user": "mybot-myapp" + } + } +} diff --git a/examples/artifact_published.json b/examples/artifact_published.json index 854e2d96..462a623f 100644 --- a/examples/artifact_published.json +++ b/examples/artifact_published.json @@ -13,7 +13,8 @@ "content": { "sbom": { "uri": "https://sbom.repo/myorg/234fd47e07d1004f0aed9c.sbom" - } + }, + "user": "mybot-myapp" } } } diff --git a/schemas/artifactdeleted.json b/schemas/artifactdeleted.json new file mode 100644 index 00000000..926333bf --- /dev/null +++ b/schemas/artifactdeleted.json @@ -0,0 +1,101 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://cdevents.dev/0.4.0-draft/schema/artifact-deleted-event", + "properties": { + "context": { + "properties": { + "version": { + "type": "string", + "minLength": 1 + }, + "id": { + "type": "string", + "minLength": 1 + }, + "source": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + }, + "type": { + "type": "string", + "enum": [ + "dev.cdevents.artifact.deleted.0.1.0-draft" + ], + "default": "dev.cdevents.artifact.deleted.0.1.0-draft" + }, + "timestamp": { + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "version", + "id", + "source", + "type", + "timestamp" + ] + }, + "subject": { + "properties": { + "id": { + "type": "string", + "minLength": 1 + }, + "source": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + }, + "type": { + "type": "string", + "minLength": 1, + "enum": [ + "artifact" + ], + "default": "artifact" + }, + "content": { + "properties": { + "user": { + "type": "string", + "minLength": 1 + } + }, + "additionalProperties": false, + "type": "object" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "id", + "type", + "content" + ] + }, + "customData": { + "oneOf": [ + { + "type": "object" + }, + { + "type": "string", + "contentEncoding": "base64" + } + ] + }, + "customDataContentType": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "context", + "subject" + ] +} \ No newline at end of file diff --git a/schemas/artifactdownloaded.json b/schemas/artifactdownloaded.json new file mode 100644 index 00000000..b0d97a6f --- /dev/null +++ b/schemas/artifactdownloaded.json @@ -0,0 +1,101 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://cdevents.dev/0.4.0-draft/schema/artifact-downloaded-event", + "properties": { + "context": { + "properties": { + "version": { + "type": "string", + "minLength": 1 + }, + "id": { + "type": "string", + "minLength": 1 + }, + "source": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + }, + "type": { + "type": "string", + "enum": [ + "dev.cdevents.artifact.downloaded.0.1.0-draft" + ], + "default": "dev.cdevents.artifact.downloaded.0.1.0-draft" + }, + "timestamp": { + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "version", + "id", + "source", + "type", + "timestamp" + ] + }, + "subject": { + "properties": { + "id": { + "type": "string", + "minLength": 1 + }, + "source": { + "type": "string", + "minLength": 1, + "format": "uri-reference" + }, + "type": { + "type": "string", + "minLength": 1, + "enum": [ + "artifact" + ], + "default": "artifact" + }, + "content": { + "properties": { + "user": { + "type": "string", + "minLength": 1 + } + }, + "additionalProperties": false, + "type": "object" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "id", + "type", + "content" + ] + }, + "customData": { + "oneOf": [ + { + "type": "object" + }, + { + "type": "string", + "contentEncoding": "base64" + } + ] + }, + "customDataContentType": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "context", + "subject" + ] +} \ No newline at end of file diff --git a/schemas/artifactpublished.json b/schemas/artifactpublished.json index ae839a66..c66081c0 100644 --- a/schemas/artifactpublished.json +++ b/schemas/artifactpublished.json @@ -73,6 +73,10 @@ "required": [ "uri" ] + }, + "user": { + "type": "string", + "minLength": 1 } }, "additionalProperties": false, diff --git a/spec.md b/spec.md index 61698d9d..6f554577 100644 --- a/spec.md +++ b/spec.md @@ -497,8 +497,11 @@ dedicated document in the spec: emitted by changes in source code or by the creation, modification or deletion of new repositories that hold source code. - __[Continuous Integration](continuous-integration.md)__: - includes events related to building, testings, packaging and releasing - software artifacts, usually binaries. + includes events related to building software artifacts and packaging, releasing + and managing software artifacts. +- __[Testing](testing.md)__: + includes events related to testing. Sometimes part of continuous + integration, testing may take place in different stages of the workflow. - __[Continuous Deployment](continuous-deployment.md)__: include events related with environments where the artifacts produced by the integration pipelines actually run. These are usually services running in a From d6b6f88c1981d90adf1f8ffa0a3d3eb1bc9aad13 Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Fri, 19 Jan 2024 14:48:57 +0000 Subject: [PATCH 9/9] Fix the event example in cloudevents-binding (#181) The current example uses an incosistent type and draft versions. Align the example with the v0.3.0 spec and make it consistent. Fixes: #178 Signed-off-by: Andrea Frittoli --- cloudevents-binding.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cloudevents-binding.md b/cloudevents-binding.md index b3af8650..886c2e15 100644 --- a/cloudevents-binding.md +++ b/cloudevents-binding.md @@ -92,7 +92,7 @@ Full example of a CDEvents transported through a CloudEvent in HTTP *binary* mod POST /sink HTTP/1.1 Host: cdevents.example.com ce-specversion: 1.0 -ce-type: dev.cdevents.taskrun.started.0.1-draft +ce-type: dev.cdevents.taskrun.started.0.1.1 ce-time: 2018-04-05T17:31:00Z ce-id: A234-1234-1234 ce-source: /staging/tekton/ @@ -102,10 +102,10 @@ Content-Length: nnnn { "context": { - "version": "0.4.0-draft", + "version": "0.3.0", "id" : "A234-1234-1234", "source" : "/staging/tekton/", - "type" : "dev.cdevents.taskrun.started", + "type" : "dev.cdevents.taskrun.started.0.1.1", "timestamp" : "2018-04-05T17:31:00Z", } "subject" : {