Feature Request: Generate Human-Readable Reports from witness verify Outputs #326

Open
colek42 opened this issue Dec 12, 2023 · 1 comment
Labels
enhancement New feature or request
colek42 commented Dec 12, 2023

Description

As a user, I need the ability to generate detailed, human-readable reports from the outputs of the witness verify command. These reports should provide comprehensive details about each attestation's steps and fields. Users must have the flexibility to define which attestation fields to display in the report using a YAML file.

Proposed Flags

  • Report Generation Flag: --generate-report
  • YAML File Specification for Fields: --fields-config
  • Report Output File: --report-output
  • Report Format: --report-format

Report Configuration Example (YAML)

report:
  title: "Witness Verification Report"
  steps_summary:
    include: true

  attestations:
    - id: "gitlab"
      url: "https://witness.dev/attestations/gitlab/v0.1"
      fields:
        - "jwt.claims.project_id"
        - "jwt.claims.iss"
        - "ciconfigpath"
        - "jwt.verifiedBy.jwksUrl"

    - id: "gcp-iit"
      url: "https://witness.dev/attestations/gcp-iit/v0.1"
      fields:
        - "jwt.claims.iss"
        - "jwt.claims.aud"
        - "jwt.claims.email"
        - "jwt.claims.sub"
        - "jwt.verifiedBy.jwksUrl"
        - "project_id"
        - "project_number"
        - "cluster_name"
        - "cluster_uid"
        - "cluster_location"
        - "zone"

Requirements

  • Integrate a new flag --generate-report in witness verify to trigger report generation.
  • Allow users to specify the fields for each attestation in a YAML file using --fields-config.
  • Enable specifying the output file name/path with --report-output.
  • Support various output formats (PDF, HTML) with --report-format.

Expected Behavior

  • Running witness verify with --generate-report triggers report generation.
  • Users can define the fields for each attestation in a YAML file using --fields-config.
  • The tool generates a report in the specified format, containing the chosen fields for each attestation.

Use Cases

  • Developers needing reports for internal audits of deployment verifications.
  • Security analysts requiring detailed attestation reports for policy compliance.

Additional Context

  • The feature should focus on producing easy-to-read and well-formatted outputs.
  • The YAML file for fields configuration (--fields-config) allows users to customize the content of their reports based on their specific needs.

colek42 changed the title from "Generate Report from Verification" to "Feature Request: Generate Human-Readable Reports from witness verify Outputs" on Dec 12, 2023
colek42 self-assigned this on Dec 12, 2023
colek42 added the enhancement (New feature or request) label on Dec 12, 2023
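
The field selection the issue asks for, as an added example that is not part of the original issue and not witness code: it resolves the dotted paths from the "gitlab" entry of the YAML against an attestation body and flags paths that do not resolve. The attestation JSON is constructed, and treating each dot-separated segment as a JSON object key is an assumption, since the issue does not define path semantics.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample gitlab attestation body; shape and values are assumptions.
const sampleAttestation = `{"ciconfigpath": ".gitlab-ci.yml", "jwt": {
  "claims": {"iss": "https://gitlab.example", "project_id": "1234"},
  "verifiedBy": {"jwksUrl": "https://gitlab.example/oauth/discovery/keys"}}}`

// Field paths copied from the "gitlab" entry of the issue's YAML.
var gitlabFields = []string{"jwt.claims.project_id", "jwt.claims.iss", "ciconfigpath", "jwt.verifiedBy.jwksUrl"}

// lookup walks a dot-separated path; assumption: every segment is an object key.
func lookup(doc map[string]interface{}, path string) (interface{}, bool) {
	cur, ok := interface{}(doc), true
	for _, key := range strings.Split(path, ".") {
		obj, _ := cur.(map[string]interface{}) // nil map when cur is not an object
		if cur, ok = obj[key]; !ok {
			return nil, false
		}
	}
	return cur, true
}

// renderSection returns one line per requested field and the unresolved paths.
func renderSection(raw string, fields []string) ([]string, []string, error) {
	var doc map[string]interface{}
	if err := json.Unmarshal([]byte(raw), &doc); err != nil {
		return nil, nil, fmt.Errorf("decode attestation: %w", err)
	}
	var lines, missing []string
	for _, f := range fields {
		v, ok := lookup(doc, f)
		if !ok {
			v, missing = "<missing>", append(missing, f)
		}
		lines = append(lines, fmt.Sprintf("%s: %v", f, v))
	}
	return lines, missing, nil
}

func main() {
	lines, missing, err := renderSection(sampleAttestation, gitlabFields)
	fmt.Println(strings.Join(lines, "\n"), missing, err)
}
```

Returning the unresolved paths separately lets a report used for audit show that a requested field was absent from the attestation instead of silently omitting it.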
fkautz commented Dec 12, 2023

If we generate an attestation of the generated report, we can have cryptographically verifiable physical reports!
