Analysis of CDEvents schemas against the canonical fact constraints for the internal specification.
FAIL — Several fields carry non-canonical data:
labels(ticketcreated.json) — organizational/presentation metadata, not a lifecycle state
afrittoli
/ analysis-constraints.md
Created
April 14, 2026 17:05
afrittoli
/ constraints.md
Created
April 14, 2026 17:04
Canonical Fact: A canonical fact represents a state transition or lifecycle milestone of the subject that is durable, queryable, and relevant across systems.
Subject Properties: Should describe the subject itself, but should not be other lifecycle entities. If a field refers to another lifecycle entity, that
afrittoli
/ tep-0089-implementation-plan.md
Created
March 26, 2026 17:47
TEP-0089 adds cryptographic signing and verification of TaskRun results to achieve SLSA Level 3 non-falsifiability guarantees. The original design used SPIFFE/SPIRE as the identity provider. This plan extends the approach to support multiple signing backends via configuration, with a lighter-weight Kubernetes-native OIDC option as the default path to an MVP that requires no additional cluster infrastructure.
afrittoli
/ auth0-m2m-evolution-plan.md
Last active
March 20, 2026 14:45
The Auth0 team raised two concerns about the current M2M (machine-to-machine) authentication path in GHARTS:
-
Simplify Auth0 integration: the current design requires an Auth0 Action to inject a
teamclaim into M2M tokens and keep Auth0 client metadata in sync with GHARTS team names. The Auth0 team would like to remove this coupling. -
M2M lifecycle ownership: creating M2M applications, rotating
client_secrets, and revoking access all currently require Auth0 admin access. The Auth0 team is also concerned about clients requesting new tokens on every call instead of reusing them, driving unnecessary cost.
afrittoli
/ tep-0089-implementation-plan.md
Last active
March 17, 2026 11:46
TEP-0089 adds cryptographic signing and verification of TaskRun results to achieve SLSA Level 3 non-falsifiability guarantees. The original design used SPIFFE/SPIRE as the identity provider. This plan extends the approach to support multiple signing backends via configuration, with a lighter-weight Kubernetes-native OIDC option as the default path to an MVP that requires no additional cluster infrastructure.
afrittoli
/ clickhouse_data_model.svg
Created
February 10, 2026 23:01
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
afrittoli
/ CLICKHOUSE_DATA_SOURCES.md
Last active
February 10, 2026 23:02
This document provides a comprehensive analysis of all tables in the PyTorch HUD ClickHouse database, including their data sources, ingestion paths, confidence levels, and relationships.
Last Updated: 2026-02-10
Total Tables Analyzed: 30+
afrittoli
/ dashboard-release-pipeline.yaml
Created
July 17, 2025 19:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: tekton.dev/v1 | |
| kind: Pipeline | |
| metadata: | |
| annotations: | |
| kubectl.kubernetes.io/last-applied-configuration: | | |
| {"apiVersion":"tekton.dev/v1beta1","kind":"Pipeline","metadata":{"annotations":{"managed-by":"Tekton"},"name":"dashboard-dashboard-release","namespace":"tekton-nightly"},"spec":{"params":[{"default":"github.com/tektoncd/dashboard","description":"package to release","name":"package"},{"description":"the git revision to release","name":"gitRevision"},{"default":"gcr.io","description":"The target image registry","name":"imageRegistry"},{"default":"tekton-releases","description":"The path (project) in the image registry","name":"imageRegistryPath"},{"default":"us eu asia","description":"The target image registry regions","name":"imageRegistryRegions"},{"default":"_json_key","description":"The user for the image registry credentials","name":"imageRegistryUser"},{"description":"The X.Y.Z version that the artifacts should be tagged with","name":"versionTag"},{"default":"gs://tekton-releases |
afrittoli
/ copy-all-skopeo.yaml
Created
December 16, 2024 19:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: tekton.dev/v1 | |
| kind: TaskRun | |
| metadata: | |
| generateName: skopeo-sync-gcr-ghcr | |
| spec: | |
| workspaces: | |
| - name: gcp | |
| secret: | |
| secretName: release-secret | |
| - name: ghcr |
afrittoli
/ pets_py.cpp
Created
December 10, 2024 21:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <pybind11/pybind11.h> | |
| #define STRINGIFY(x) #x | |
| #define MACRO_STRINGIFY(x) STRINGIFY(x) | |
| int add(int i, int j) { | |
| return i + j; | |
| } | |
| struct Breed { |
NewerOlder