cipd: enforce attestation check [infra/luci/luci-go : main]
0 views
Skip to first unread message
Chenlin Fan (Gerrit)
Jun 18, 2026, 12:51:08 AM (10 days ago) Jun 18
to Robbie Iannucci, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Robbie Iannucci and Vadim Shtayura
Chenlin Fan voted![]( "Open in Gerrit")
| Auto-Submit | +1 |
| Commit-Queue | +1 |
Related details
Attention is currently required from:
- Robbie Iannucci
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chenlin Fan (Gerrit)
Jun 18, 2026, 2:56:23 AM (10 days ago) Jun 18
to LUCI CQ, Robbie Iannucci, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Robbie Iannucci and Vadim Shtayura
Chenlin Fan voted Auto-Submit+0![]( "Open in Gerrit")
| Auto-Submit | +0 |
Related details
Attention is currently required from:
- Robbie Iannucci
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chenlin Fan (Gerrit)
Jun 18, 2026, 2:56:32 AM (10 days ago) Jun 18
to LUCI CQ, Robbie Iannucci, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Robbie Iannucci and Vadim Shtayura
Chenlin Fan voted Auto-Submit+1![]( "Open in Gerrit")
| Auto-Submit | +1 |
Robbie Iannucci (Gerrit)
Jun 18, 2026, 9:06:49 PM (9 days ago) Jun 18
to Chenlin Fan, LUCI CQ, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Chenlin Fan and Vadim Shtayura
Robbie Iannucci voted and added 1 comment![]( "Open in Gerrit")
Votes added by Robbie Iannucci
| Code-Review | +1 |
1 comment
Patchset-level comments
Related details
Attention is currently required from:
- Chenlin Fan
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chenlin Fan (Gerrit)
Jun 18, 2026, 10:21:19 PM (9 days ago) Jun 18
to Robbie Iannucci, LUCI CQ, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Robbie Iannucci and Vadim Shtayura
Chenlin Fan voted and added 1 comment![]( "Open in Gerrit")
Votes added by Chenlin Fan
| Auto-Submit | +1 |
| Commit-Queue | +1 |
Robbie Iannucci . resolved
good luck
Chenlin Fan
:( no not good. need another stamp because I touched proto for VerificationPurpose.
Related details
Attention is currently required from:
- Robbie Iannucci
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Robbie Iannucci (Gerrit)
Jun 18, 2026, 10:39:41 PM (9 days ago) Jun 18
to Chenlin Fan, LUCI CQ, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Chenlin Fan and Vadim Shtayura
Robbie Iannucci voted and added 1 comment![]( "Open in Gerrit")
Votes added by Robbie Iannucci
| Code-Review | +1 |
1 comment
Patchset-level comments
Related details
Attention is currently required from:
- Chenlin Fan
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chenlin Fan (Gerrit)
Jun 19, 2026, 12:05:19 AM (9 days ago) Jun 19
to Robbie Iannucci, LUCI CQ, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
Attention needed from Vadim Shtayura
Chenlin Fan voted Commit-Queue+2![]( "Open in Gerrit")
Attention is currently required from:
- Vadim Shtayura
Submit Requirements:
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
LUCI CQ (Gerrit)
Jun 19, 2026, 12:05:39 AM (9 days ago) Jun 19
to Chenlin Fan, Robbie Iannucci, Vadim Shtayura, chromium...@chromium.org, infra-revi...@chromium.org
LUCI CQ submitted the change![]( "Open in Gerrit")
Change information
Commit message:
cipd: enforce attestation check
- Reject registration request when attestation check failed.
- Remove obsolete attach metadata workflow.
This won't block package uploads UNLESS it's under an L1 policy.
Currently almost all prefix are exempt to L0 except some infra/chromium
3pp related prefixes.
Bug: 393121542
Change-Id: Iebcb4bbb9fb0987bbc2c5fdca548f3994ddf5740
Auto-Submit: Chenlin Fan <fa...@chromium.org>
Reviewed-by: Robbie Iannucci <iann...@google.com>
Commit-Queue: Chenlin Fan <fa...@chromium.org>
Files:
- M cipd/appengine/impl/repo/repo.go
- M cipd/appengine/impl/repo/repo_test.go
- M cipd/appengine/impl/vsa/api/software_verifier_service.pb.go
- M cipd/appengine/impl/vsa/api/software_verifier_service.proto
- M cipd/appengine/impl/vsa/api/vsa_log_entry.pb.go
- M cipd/appengine/impl/vsa/vsa.go
Change size: M
Delta: 6 files changed, 40 insertions(+), 104 deletions(-)
Branch: refs/heads/main
Submit Requirements:
Code-Review: +1 by Robbie Iannucci
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages