17 lines
994 B
Markdown
17 lines
994 B
Markdown
# Provenance Backfill Plan (Sprint 401)
|
|
|
|
Artifacts available
|
|
- Attestation inventory: `docs/modules/provenance/guides/attestation-inventory-2025-11-18.ndjson`
|
|
- Subject→Rekor map: `docs/modules/provenance/guides/subject-rekor-map-2025-11-18.json`
|
|
|
|
Procedure (deterministic)
|
|
1) Load inventory NDJSON; validate UUID/ULID and digest formats.
|
|
2) For each record, resolve Rekor entry via the subject→Rekor map; if missing, record gap and skip write.
|
|
3) Emit backfilled events to the provenance store using `scripts/publish_attestation_with_provenance.sh --mode backfill` (add `--subject` and `--rekor` arguments) with sorted input to guarantee stable ordering.
|
|
4) Log every backfilled subject + Rekor digest pair to `logs/provenance-backfill-2025-11-18.ndjson` (UTC timestamps, ISO-8601).
|
|
5) Rerun until gaps are zero; then mark PROV-BACKFILL-401-029 DONE.
|
|
|
|
Determinism
|
|
- Sort by subject, then rekorEntry before processing.
|
|
- Use canonical JSON writer for outputs; timestamps in UTC `O` format.
|