Add SLSA provenance generator to release; closes #222 #223
Conversation
…issions Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
…ild provenance Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
This reverts commit 88583f0.
|
/gcbrun |
|
Great! Should I squash commits for you? |
|
Not necessary, thanks! |
.github/workflows/release.yml
Outdated
| contents: write # To add assets to a release. | ||
| uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0 | ||
| with: | ||
| attestation-name: sigstore-python-provenance.intoto.jsonl |
There was a problem hiding this comment.
This seems arbitrary. Is it possible to make this based on the name of the artifact that the provenance is generated for? Also, how does this handle multiple artifacts? Are they all bundled in the same file?
E.g., could we make the provenance for sigstore-0.6.5.tar.gz be sigstore-0.6.5.tar.gz.intoto.jsonl, and so on?
There was a problem hiding this comment.
Based on my local testings, you can use that unique provenance file to verify both artifacts. That's why I used an "arbitrary" name
There was a problem hiding this comment.
We could indeed separate the provenances, but AFAIK for that I would need to create and output two different hashes and then call the slsa-github-generator twice, which seems a bit redundant
There was a problem hiding this comment.
I'm personally okay with them being bundled together, although I also have a slight preference for the attestation filename having the version number in it somewhere (that way, someone who wants to pull down every attestation we've ever generated doesn't need to do the renaming on their own).
There was a problem hiding this comment.
Perhaps this is better as a feature request upstream for the generator. I think in the Python world, it makes more sense to have provenance be per-artifact instead.
There was a problem hiding this comment.
I understand. I'll talk to someone that I know who works on SLSA project and ask if they have this feature in mind and possibly raise the issue.
In the meanwhile, I'll try to change the code to automatically fetch the release version and create the provenance with the name provenance-sigstore-{version number}.intoto.jsonl. Does it sound good?
There was a problem hiding this comment.
Just commited the proposed changes, please take a look
There was a problem hiding this comment.
Hey, @laurentsimon from the upstream SLSA generator project.
The SLSA specs currently encourage the use of a single multiple.intoto.jsonl provenance covering all artifacts (see in-toto/attestation#107). Having a version is definitely good feedback for them, so I replied to the thread.
I think in the Python world, it makes more sense to have provenance be per-artifact instead.
Can you explain why it makes more sense?
There was a problem hiding this comment.
It's not the case here, but when Python builds include native code, builds have to be run across multiple platforms and architectures. In a hypothetical future, we might have a project that needs to generate provenance from multiple discrete SLSA-compatible builders, for multiple artifacts. So, the first problem is: what we name that provenance, so at verification time, users know what to use with a given artifact?
Then, if we then want to distribute provenance along with the artifact, we have the same problem: on a repository like PyPI, we have distribution files, and then additional artifacts that directly relate to those files. So for example, if I was signing something with PGP, I would upload sigstore-0.6.5.tar.gz and sigstore-0.6.5.tar.gz.asc. I think we want to follow a similar pattern here.
There was a problem hiding this comment.
Makes sense. @diogoteles08 when you get to a project like the one @di describes, let me know. I think the builds use strategy matrix, so we could handle them similar to slsa-framework/slsa-github-generator#707
On the instructions on how to verify the provenance, we were reffering to the instructions on how to do so, but linking to the wrong URL. Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
|
/gcbrun |
On release-pypi job on release workflow, the token-id permission was set to "write", but it's not necessary and was removed. Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
|
/gcbrun |
Signed-off-by: William Woodruff <william@yossarian.net>
Signed-off-by: William Woodruff <william@yossarian.net>
|
/gcbrun |
| actions: read # To read the workflow path. | ||
| id-token: write # To sign the provenance. | ||
| contents: write # To add assets to a release. | ||
| uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0 |
There was a problem hiding this comment.
Nonblocking: for consistency with the other actions in this workflow, we should probably use a hash rev instead of a symbolic (tag) rev.
There was a problem hiding this comment.
hash is not supported for the builder, due to a lack of GH support to map a hash to a branch. This is an intentional design decision we have made. We aim to change that once the relevant GitHub support is there. See the reasoning at slsa-framework/slsa-verifier#12
There was a problem hiding this comment.
I agree that it would maintain the consistency and also follow the best practice rules, but currently SLSA generator does not support hash pinning, although there already is an issue about that. More details here
There was a problem hiding this comment.
However I think it would be a good idea to add a comment on code explaining this decision, because it's indeed contradictory and more people can question that. Will work on it
There was a problem hiding this comment.
+1, with a link to the documentation. We can add a link to the tracking issue in the documentation of our repo.
Because of a demand of SLSA Generator, their action cannot be used through pinned hashing. As using tags goes agains the best practices, I'm letting explicit the reason why we are using them. Signed-off-by: Diogo Teles Sant'Anna <diogoteles08@gmail.com>
|
/gcbrun |
…sigstore#223)" This reverts commit e5acd69.
…tore#222 (sigstore#223)" (sigstore#232)" This reverts commit 2e438cd.
Summary
This pull request adds a provenance generator to the Github Action build workflow. It enhances the security of the end-user by allowing them to verify the integrity of the artifact they are consuming. Closes #222.
Also, this PRs divides the build workflow into different jobs, each of them with their specific permissions.
IMPORTANT: The new build flow was not able to be fully tested because I did not have the credentials to publish on PYPI and also could not upload the release on Github because I did not added tags. But until this point of the build, everything worked out fine.
Release Note
Documentation
I also changed the README to instruct the users on how to use the provenance to verify their artifacts.