-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Difficulties with pypi_attestations verify
#55
Comments
Hi @AA-Turner, no problem at all! I appreciate the detailed issue. I'll respond to each of your items below, but as a high-level point: the With that being said, I agree that all of these are defects.
The reason we do this is because we need both files to perform verification (both the dist and the attestation), and so we infer the attestation's name from the file it's attesting for. With that said we could definitely improve the error message here, and emphasize that people should pass in (We should also make it so that Update: Done!
Yep, that's possible -- the identity to use is embedded as the certificate's SAN (Subject Alternative Name), so we can present that if it isn't already. Update: Confirmed that this is present already, but will look into improving the presentation.
Agreed, we'll expand it. The reason it's a URL instead of an email like in the README is because it's produced by GitHub Actions, meaning the signing identity is the workflow identity that produced the attestation rather than the user identity that owns the repo. This is intended behavior, and it's what PyPI itself currently expects when uploading with attestations (attestations must currently match the Trusted Publisher workflow identity that's configured on PyPI).
Yep, that's a bug. (This goes back to the point about this CLI not being an intended public interface, but it's a bug regardless.) Update: Fixed on
The identity/SAN will always be the "job workflow ref" for the workflow identity, which will always be
then your attestation identity will look like:
...where This variance is one of the reasons the
It's understandable that you missed it, since it's still in a PR! You can find the documentation for much of this in pypi/warehouse#16398; please let me know if you have any questions about it. As a bottom line: if possible, it'd be ideal for the Sphinx CI/CD to use (The README doesn't say that, which is our fault. I'll also update it to nudge people towards the APIs, with a note that the CLI is principally for experimentation only.) |
See #55. Signed-off-by: William Woodruff <william@trailofbits.com>
I just checked, and it looks like we do indeed print the identity. For example:
The list under |
See #55. Signed-off-by: William Woodruff <william@trailofbits.com>
Thanks Will, I've switched to the I appreciate that you want to keep the CLI as experimental/non-stable, but it is awfully useful. Hyrum's law and all that, I suppose. Nevertheless, the only part of the CLI we now use is If your position changes and you become open to making use of the command-line interface more official, it would be very welcome -- I try to keep my use of non-first-party (GitHub) actions to a minimum, even though I do trust the developers of the PyPA action. One thing I did discover is that the "Transparency Log" entries actually mean something and go somewhere -- I thought originally it was just some internal logging. The GitHub action outputs "Attestation signature uploaded to Rekor transparency log: https://search.sigstore.dev/?logIndex=137921341", which might be a useful thing to point people towards both in documentation and in the tool's output. Thank you for suffering my ignorance, and for being so prompt in updating things. Thanks, |
Makes sense! We'll keep this in mind as we continue to stabilize the package here -- one possibility is that we collapse the CLI here into the
Thank you for your detailed issue and responses! I greatly appreciate that you've gone and dove straight into the internals of PEP 740. |
As an update, Sphinx 8.1 has been released with PEP 740 attestations. I tried to validate using the materials from PyPI, but failed. I appreciate that this may be too early, though (I got the provenance URL from the docs PR you linked earlier):
A |
You're not too early, but there's unfortunately an extra step that isn't documented yet: that API returns a provenance object (per PEP 740), which contains bundles of The top-level API is |
The docs for this have fully landed: https://docs.pypi.org/attestations/, so I'm closing here! Please ping me anytime if you have any follow-on questions or problems with the docs 🙂 |
Hi,
I'm looking to use PEP 740 attestations in Sphinx, using the
pypi_attestations
CLI. The signing and inspection steps seem to work, but I've had some trouble withverify
. Hopefully there's an opportunity to improve documenation or guidance:Running
verify dist/*.publish.attestation
fails with an unhelpful error. This was my first approach, as I wanted to run sign-inspect-verify consecutively in GHA, and theinspect
command runs on.publish.attestation
files. Similarly, runningverify dist/*
fails with the same error -- perhaps the tool could check if the extension is already.publish.attestation
, and if so skip that file?pypi_attestations inspect
doesn't tell me what value I should be using with--identity
(I don't know if this is possible, though). The example on README uses an email, so I tried the email I use for commits, which failed.The failure for an incorrect
--identity
key is obscure and confusing ("Certificate's SANs do not match"):At the least expanding the initialism so that I can look up what a SAN is would be helpful. The key for "actual SANs" is a hyperlink, which doesn't look like the example of the
verify
command on the README.Failures to verify in CI don't exit with a non-zero status code, so GHA reports all is well -- this seems wrong.
Using the "actual SAN" hyperlink as the value for
--identity
works, but it is unclear how to auto-generate this for verification purposes. Is it always<address of fork>/<path to workflow>@refs/heads/<branch name>
? Is there a difference if annotated or lightweight git tags are used? I can find many of these things by trial-and-error, but the documentation ofpypi_attestations verify
in README doesn't mention it.Sorry for the laundry list of problems, but I thought it would be helpful to list my experience here as attestations are still fairly new. If I've missed a very obvious source of documentation please forgive me -- I tried looking in e.g. https://docs.pypi.org/attestations/publish/v1 as listed in
pypi_attestations inspect
, but every part of that path is a 404.Thanks,
Adam
P.S. For context, the Sphinx PR that lead to this is at sphinx-doc/sphinx#12981
The text was updated successfully, but these errors were encountered: