Merge pull request #21 from GitHubSecurityLab/jarlob/attestation

Add attestation

Author: JarLob

.github/workflows/release.yml

@@ -9,8 +9,15 @@ on:
         default: 'latest'
 
 permissions:
-    contents: read
-    packages: write
+  id-token: write
+  contents: read
+  attestations: write
+  packages: write
+
+env:
+  REGISTRY: ghcr.io
+  USER: githubsecuritylab
+  IMAGE_NAME: seclab-taskflow-agent
 
 jobs:
   release:
@@ -25,6 +32,22 @@ jobs:
           python-version: '3.11'
 
       - name: Create release
+        id: docker_build
+        run: |
+          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+          python release_tools/publish_docker.py release.txt main.py ${{ env.REGISTRY }}/${{ env.USER }}/${{ env.IMAGE_NAME }} ${{ github.event.inputs.release_tag }}
+          DIGEST=$(cat /tmp/digest.txt)
+          echo "digest=$DIGEST" >> $GITHUB_OUTPUT
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v3
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.USER }}/${{ env.IMAGE_NAME }}
+          subject-digest: '${{ steps.docker_build.outputs.digest }}'
+          push-to-registry: true
+
+      - name: Verify
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u GitHubSecurityLab --password-stdin
-          python release_tools/publish_docker.py release.txt main.py ghcr.io/githubsecuritylab/seclab-taskflow-agent ${{ github.event.inputs.release_tag }}
+          gh attestation verify oci://ghcr.io/${{ env.USER }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.release_tag }} -R ${{ github.repository }}

release_tools/publish_docker.py

@@ -82,6 +82,16 @@ def write_dockerfile(dest_dir, entrypoint):
     with open(os.path.join(dest_dir, "Dockerfile"), "w") as f:
         f.write(dockerfile)
 
+def get_image_digest(image_name, tag):
+    result = subprocess.run(
+        ["docker", "buildx", "imagetools", "inspect", f"{image_name}:{tag}"],
+        stdout=subprocess.PIPE, check=True, text=True
+    )
+    for line in result.stdout.splitlines():
+        if line.strip().startswith("Digest:"):
+            return line.strip().split(":", 1)[1].strip()
+    return None
+
 def build_and_push_image(dest_dir, image_name, tag):
     # Build
     subprocess.run([
@@ -92,6 +102,10 @@ def build_and_push_image(dest_dir, image_name, tag):
         "docker", "push", f"{image_name}:{tag}"
     ], check=True)
     print(f"Pushed {image_name}:{tag}")
+    digest = get_image_digest(image_name, tag)
+    print(f"Image digest: {digest}")
+    with open("/tmp/digest.txt", "w") as f:
+        f.write(digest)
 
 if __name__ == "__main__":
     if len(sys.argv) != 5: