Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feature] Output provenance as Sigstore bundle format #3750

Closed
haydentherapper opened this issue Jul 29, 2024 · 8 comments · Fixed by #3777
Closed

[feature] Output provenance as Sigstore bundle format #3750

haydentherapper opened this issue Jul 29, 2024 · 8 comments · Fixed by #3777
Labels
status:triage Issue that has not been triaged type:feature New feature or request

Comments

@haydentherapper
Copy link
Contributor

Is your feature request related to a problem? Please describe.

There is no support for offline verification currently. While a certificate is persisted in the DSSE signature, the Rekor entry proof is not, meaning the SLSA verifier must do an online lookup for the entry in Rekor.

Additionally, since all Sigstore clients now support the bundle format, this would allow SLSA clients to directly use Sigstore libraries to handle verification of the attestation signature (reducing code and simplifying maintenance), with the SLSA client handling verification of the attestation contents.

Describe the solution you'd like

Sigstore has defined a bundle format to store an attestation or signature along with verification metadata (certificate, signed timestamps, and Rekor log proofs). The generator should output a .sigstore.json bundle (the extension matches what other Sigstore clients output).

This was discussed in #716, but this issue was filed before the bundle format was created. This issue tracked persisting Rekor's inclusion proof as its own file.

Describe alternatives you've considered

An alternative would be to have a divergent format or save verification metadata as "detached" files, which complicates storage of that metadata for no benefit.

@ramonpetgrave64
Copy link
Collaborator

The "BYOB" (bazel, maven, gradle, nodejs) builders will use the "delegator" workflows, which will use our .github/actions/sign-attestations action to produce Sigstore bundles.

The go builder and generic generator, still only produce the DSSE envelope.

If there were a go library for producing Sigstore bundles, then we could easily integrate it within existing code for producing attestation envelopes. But it seems only the sigstore-js library can do that.

Otherwise, I think we might be able to use reuse our existing .github/actions/generate-attestations and .github/actions/sign-attestations actions in the generic and go workflows.

  • - name: Generate attestations
    id: attestations
    uses: slsa-framework/slsa-github-generator/.github/actions/generate-attestations@main
    with:
    slsa-layout-file: ${{ env.SLSA_ARTIFACTS_FILE }}
    predicate-type: ${{ steps.predicate-type.outputs.predicate-type }}
    predicate-file: ${{ env.SLSA_PREDICATE_FILE }}
    output-folder: attestations
    - name: Sign attestations
    id: sign
    uses: slsa-framework/slsa-github-generator/.github/actions/sign-attestations@main
    with:
    attestations: attestations
    output-folder: "${{ needs.rng.outputs.value }}-slsa-attestations"

@ramonpetgrave64
Copy link
Collaborator

ramonpetgrave64 commented Jul 29, 2024

^ This could also make it easier to get all the generators to start using the SLSA v1.0 format for provenance, and simplify the slsa-verifier code significantly.
cc : @laurentsimon @ianlewis

@ianlewis
Copy link
Member

I agree we should try to move the generic generator and go builder to use BYOB code and internal actions. Ideally we could eventually remove the Go code to consolidate on TypeScript (and bash to a lesser extent). It would be a significant effort since it's essentially a rewrite but fairly straightforward.

I don't think we can really eliminate the Go code from the container-based (docker) builder that @asraa and @rbehjati worked on though. I don't know if anyone's using it or if we should properly support it.

@ramonpetgrave64
Copy link
Collaborator

ramonpetgrave64 commented Aug 21, 2024

To give an update, sigstore-go now has bundle-producing functionality that I make use of in this PR to address this issue. I chose to modify the the original go code to produce Sigstore Bundles, instead of only DSSE envelopes, as a mostly drop-in replacement.

@ianlewis I also agree, but while attempting, I found that

  • if we used BYOB, not all the parameters that are available in the original workflow will work with BYOB. This means there would be breaking changes.
  • Directly using our .github/actions/generate-attestations and .github/actions/sign-attestations actions in the original workflow requires a lot of careful and extensive manual testing.

ramonpetgrave64 added a commit to slsa-framework/slsa-verifier that referenced this issue Aug 24, 2024
re: slsa-framework/slsa-github-generator#3750

Rekor TLog entries can now be of the type dsse v0.0.1, as when what's
returned when using sigstore-go's `Bundle()`.

This is to support eventual Sigstore Bundles produced by
slsa-github-generator's "generic" generator, which will likely use
sigstore-go's Bundle to produce attestations

-
slsa-framework/slsa-github-generator@main...ramonpetgrave64-internal-builder-sigstore-bundlev2#diff-b186a0c5d9ae459b11b694f05455568453699670926d21cad06cafec3dbf895eR101
-
https://github.com/slsa-framework/slsa-github-generator/actions/runs/10359750833

## Tesing

- Added unit tests with stub data
- manual invocations to very both new and old attestations and bundles,
with some modifications for testing purposes
-
main...verify-sigstore-go-Bundlev3#diff-94741068472ee694a12811cd704179dd478a9fa20a3bf45cf6ea2d4406214dc2R179

## Followup

Finish the work to produce bundles from the generic generators
-
slsa-framework/slsa-github-generator@main...ramonpetgrave64-internal-builder-sigstore-bundlev2#diff-b186a0c5d9ae459b11b694f05455568453699670926d21cad06cafec3dbf895eR101

---------

Signed-off-by: Ramon Petgrave <[email protected]>
Signed-off-by: Ramon Petgrave <[email protected]>
@ianlewis
Copy link
Member

Directly using our .github/actions/generate-attestations and .github/actions/sign-attestations actions in the original workflow requires a lot of careful and extensive manual testing.

Could you elaborate more on what you mean here? My understanding is that they currently expect to be a builder and thus generate a subject hash from the artifacts themselves, whereas for the generic generator we would need it to take the subject as an input. What kind of additional testing do you think would be required?

@ramonpetgrave64
Copy link
Collaborator

@ianlewis I mean when I want to organize the actions, and their input and outputs. It took me a long while to demo a working conversion of the "generic-generator" that uses the "delegator".

I say it would be difficult to test because I think I would have to also include setup-generic and verfy-token in order to generate the SLSA_PREDICATE_FILE.

I hadn't tried it yet, so maybe it wouldn't have been so difficult. Github Actions workflows are generally not easy to debug, so I thought working with the go code would be a simpler to develop for.

@ianlewis
Copy link
Member

Right. BYOB does need to be support generators. Should be a fairly straightforward conversion for the Go builder I think though.

@ianlewis
Copy link
Member

Github Actions workflows are generally not easy to debug, so I thought working with the go code would be a simpler to develop for.

BTW, most of the TypeScript (aside from code that uses OIDC) should be able to be run locally if given the right environment variables and is similar to the Go code in that regard. Though not all of the actions are easy to invoke this way. I usually just set up some tests and run locally to debug before testing on GitHub Actions since the iteration loop is long there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
status:triage Issue that has not been triaged type:feature New feature or request
Projects
None yet
3 participants