slsa icon indicating copy to clipboard operation
slsa copied to clipboard
verified publisher icon slsa-framework

Request for more detail in definition of "build service"

Open bobcatfish opened this issue 3 years ago • 2 comments

It would be great to get more detail in the definition of "build service" if possible.

It seems like a hard phrase to pin down - and seems to boil down to 'not a workstation under a developer's desk'. If that really is as well as we can define it, that's fine, but I'm hoping we can be a bit more precise. Maybe the definition has something to do with the way the "build service" is accessed, and ties into some version of the SLSA common requirements? e.g. maybe what makes a "build service" a "build service" is something to do with how it's run and who has access to it.

(More context available in SLSA + Tekton: Case Study - particularly the section on "build service" as it could be interpreted for Tekton - the doc is visible to anyone in mailing list [email protected] )

bobcatfish avatar Apr 15 '22 00:04 bobcatfish

#365 is related here.

mlieberman85 avatar Apr 15 '22 00:04 mlieberman85

Note: #599 is another question about "build service". I marked that one as a dupe of this one.

Postponing to post-1.0.

MarkLodato avatar Mar 20 '23 18:03 MarkLodato