Add attestations list view

What does this MR do and why?

This adds the list view for attestations. This is developed under the slsa_provenance_statement feature flag.

Each attestation links to its own show view, which will be implemented in #566595.

References

Resolves #566593.

Screenshots or screen recordings

| State | Demo |
| --- | --- |
| When user does not have read permission or feature flag is disabled | 404 |
| When there are no attestations (provides a link to the SLSA Component from the CI/CD Catalog) | empty_state |
| When there are attestations | attestations |

How to set up and validate locally

  1. Run the following in the Rails console to populate your project with attestations. The list defaults to 20 attestations per page.
    require 'open-uri' # provides URI#read for fetching the sample bundle

    project = Project.find_by_full_path('project-path')
    # Most recent CI job in the project; the attestations are attached to it
    build = project.builds.last
    # Sample Sigstore bundle used as the file content of every attestation
    data = URI("https://gitlab.com/gitlab-org/software-supply-chain-security/tools/sigstore-local/-/raw/main/sample.sigstore.json").read

    # Create 25 attestations so the list spans more than one page
    25.times do |i|
      temp_file = Tempfile.new("sample_#{i + 1}.sigstore.json")
      temp_file.write(data)
      temp_file.rewind
      attestation = SupplyChain::Attestation.create!(
        project: build.project,
        build_id: build.id,
        status: ['success', 'error'].sample, # random mix of both statuses
        predicate_kind: "provenance",
        predicate_type: "https://slsa.dev/provenance/v1",
        subject_digest: SecureRandom.hex(32), # random 64-character hex digest
        file: temp_file
      )
    end
  2. Go to /your-project/-/attestations to view the attestations list.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Mireya Andres
