graph TD
subgraph bob_forge
bob_scitt[Bob: SCITT]
bob_activitypub[Bob: ActivityPub or Heartwood]
bob_scitt -->|convert to endor| bob_activitypub
bob_activitypub --> bob_online_clone_hook_scitt_changes
bob_cool_software
bob_cool_software --> bob_cool_software_releaseasset_v1_0_0
bob_cool_software_releaseasset_v1_0_0 --> bob_scitt
end
subgraph alice_forge
alice_forge[Alice: Forgejo]
alice_scitt[Alice: SCITT]
alice_activitypub[Alice: ActivityPub or Heartwood]
alice_scitt -->|convert to endor| alice_activitypub
alice_activitypub --> alice_online_clone_hook_scitt_changes
alice_online_clone_hook_scitt_changes[New receipt from SCITT event stream]
alice_guac_incoming_to_triage[vuln/bug form auto-generated and submitted - aka ticket for new pinning request]
alice_guac_triaged[vuln/bug triaged]
alice_online_clone_hook_scitt_changes -->|content or content address of untriaged vuln/bug| alice_guac_incoming_to_triage
alice_guac_incoming_to_triage -->|apply policy as code based on dataflow/workflow execution, sandboxed via overlays and overlays on overlays^N| alice_guac_triaged
alice_guac_triaged -->|upload context local attestation for transformed data as request output type| alice_scitt
alice_online_clone_hook_scitt_changes -->|creation of manifest instance and attestation for pull request to update<br>context local attestation, pinning, on new receipt containing releaseasseet.json| alice_scitt
alice_online_clone_hook_scitt_changes -->|execution of running of CI/CD job via issue ops as manifest| alice_forge
end
bob_activitypub-->|federate to alice| alice_activitypub
alice_activitypub -->|federate to bob| bob_activitypub
Created
March 31, 2023 02:25
-
-
Save pdxjohnny/8357bbef3229e36e3741e9eb5aa76777 to your computer and use it in GitHub Desktop.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment