-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Strange verification behavior #316
Comments
Hi @Xopek! Sorry for being so quiet but I have been working on this quietly since yesterday (thank you for pointing it out!). The verification failure feedback is a relatively new piece of logic in the tool (before it simply told you pass or fail, no rhyme or reason). After having a dig into the code, I am happy to say that I have figured a lot of this out and I currently have the following failure logs working in a branch:
Hopefully I'm right in saying that something like this is what you were expecting to see? I am going about cleaning up this so I can raise it in a PR. Once it's ready it would be awesome if you could give it a review and a test! |
Hi, @ChaosInTheCRD! Thanks for answer, yeah this output looks much better and thats what i was expecting, thank you very much! I will definitely test it and review, when it its ready, thank you! |
Both One other thing to chime in on with you @Xopek, in the nature of how the verification flow works, it does evaluate "matching" collections based on some parameters (either by query to archivista or from the specified Given that multiple collections can be found during a verification, this leads to still getting the experience you're seeing where you see more than 1 verification failure line (multiple collections failing for the same reasons). For now I have mitigated the confusion by adding a
So you know more about which collection it is talking about. Hopefully that makes sense. Thank you for trying out Witness! |
Wow, thanks, i will try to test it today |
left comment here in-toto/witness#485 |
Hello!
I discovered this project and tried to go through Getting Started. I noticed, that when i run verification process i have this 3 weird lines (i highlighted them), which i don't understand:
Then i tried to modify policy to include requirement for attestation in order to see how verification will fail, well error is very misleading and also duplicated 3 times:
Actually only gitlab attestation should be mentioned in error, others are present. And why error just duplicated 3 times? I started digging into code and found this piece of code
in https://github.com/in-toto/go-witness/blob/main/policy/policy.go
Looks like because of this magic number 3, verification is done 3 times with mostly the same parameters, thats why i see error and success 3 times. Is it expected behavior?
The text was updated successfully, but these errors were encountered: