Skip to content

Add Notation Quick Start#87

Merged
SteveLasker merged 9 commits intonotaryproject:mainfrom
SteveLasker:readme-getting-started
Sep 14, 2021
Merged

Add Notation Quick Start#87
SteveLasker merged 9 commits intonotaryproject:mainfrom
SteveLasker:readme-getting-started

Conversation

@SteveLasker
Copy link
Contributor

Adds a basic scenario to the root readme.

Steve Lasker and others added 9 commits June 19, 2020 17:39
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
@SteveLasker SteveLasker requested a review from a team September 7, 2021 23:47
@SteveLasker SteveLasker added this to the alpha-1 milestone Sep 7, 2021
export IMAGE=localhost:5000/net-monitor:v1
docker build -t $IMAGE https://github.com/wabbit-networks/net-monitor.git#main
docker push $IMAGE
notation cert generate-test --default --trust "wabbit-networks-dev"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not clear what --default and --trust do, and what is wabbit-networks-dev. We can add comments where we want to explain what a particular notation command does.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was the quick-start, which is an abbreviated version of: #78
This is the challenge with having required parameters, for good security reasons, while enabling quick-starts.
What would you suggest to keep that balance?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The other docker commands are straightforward and probably well known to the reader. Where we introduce the notation commands, it would be nice to have a one line comments explaining what the specific command does.

Suggested change
notation cert generate-test --default --trust "wabbit-networks-dev"
# Generate a test certificate, make it the default for signing, and add it as a trusted identity for verification
notation cert generate-test --default --trust "wabbit-networks-dev"

docker build -t $IMAGE https://github.com/wabbit-networks/net-monitor.git#main
docker push $IMAGE
notation cert generate-test --default --trust "wabbit-networks-dev"
notation sign $IMAGE
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to demonstrate push/pull signatures from repository?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

notation sign defaults to include push. There are separate apis for generating an offline signature, which we'd cover in a different walkthrough for offline/ephemeral client scenarios.

docker push $IMAGE
notation cert generate-test --default --trust "wabbit-networks-dev"
notation sign $IMAGE
notation list $IMAGE
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A comments explaining what this command does will help.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to above and #78
How would you suggest the quick-start balance, compared to longer explanations?

Once we get automated builds, users could test this themselves, and call --help to get more details or see #78

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
notation list $IMAGE
# List the image, and any associated signatures
notation list $IMAGE

Copy link
Contributor

@NiazFK NiazFK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@SteveLasker SteveLasker merged commit 33a4ca1 into notaryproject:main Sep 14, 2021
@SteveLasker SteveLasker deleted the readme-getting-started branch September 14, 2021 00:45
7h3-3mp7y-m4n pushed a commit to 7h3-3mp7y-m4n/notation that referenced this pull request Mar 29, 2025
* Add quick-getting started to root readme
Signed-off-by: Steve Lasker <stevelasker@hotmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants

Comments