Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SLSA 1.0 Spec support #3684

Open
mlieberman85 opened this issue Mar 3, 2023 · 8 comments
Open

SLSA 1.0 Spec support #3684

mlieberman85 opened this issue Mar 3, 2023 · 8 comments
Labels
area/attestations help wanted

Comments

@mlieberman85
Copy link

Just a heads up SLSA 1.0 is currently out as a release candidate and will be going live in probably end of March 2023.

Would buildkit be interested in supporting the new spec? I can't help with the code right now but can help walk folks through the spec.
@jedevc jedevc added this to the v0.12.0 milestone Mar 6, 2023
@mlieberman85 mlieberman85 mentioned this issue Mar 6, 2023
Closed
@jedevc jedevc mentioned this issue Jun 13, 2023
Closed
@tonistiigi tonistiigi removed this from the v0.12.0 milestone Jun 28, 2023
@tonistiigi
Copy link
Member

Ref slsa-framework/slsa#716

@tompizmor
Copy link

@tonistiigi has there been any activity on this topic?

@jedevc
Copy link
Member

jedevc commented Feb 6, 2024

@tompizmor no activity recently on this. If anyone's interested, we'd be happy to take a PR to do this.

Also, x-linking this to #4269 (this is related to upgrading to in-toto v1).

@Forrin
Copy link

Forrin commented Jun 22, 2024

@jedevc I can possibly take this on. A few things I'm wondering on this one..

  • Keep version .02 support?
  • In terms of slsa for containers - https://cloud.google.com/build/docs/securing-builds/generate-validate-build-provenance#example_output is a decent example for v1 slsa. However, this doesn't have as much detail... but it's more inline with what I see in the slsa spec.
  • Expanding on the last point.. Some data doesn't map as well into slsa predicate - purge this data?
  • The provenance data for a local exporter is not the same as remote. Is that intentional? Seems all local files are included with their digests.
  • I think local exports should be supported. In particular I'd like to export the provenance data, sign it, and upload it to a different data store.
  • Should support for signing be added? If so, hooking into sigstore libraries may be viable.

Few of those points can probably be later additions.

@jedevc
Copy link
Member

jedevc commented Jun 24, 2024
edited
Loading

@Forrin thanks for your interest!

  • Keep version .02 support?

No strong opinions on this one - personally, I don't see a reason to just update to v1.0, I'm happy with that.

Yeahhhh, this is tricky - I think if we're upgrading we can reshuffle fields around, etc. But we shouldn't decrease the level of detail. If we do that, we're losing info, and then this would just be a net downgrade.

Do you have an example of some of the data that doesn't fit in neatly? Even if it doesn't fit into a field directly, SLSA still supports custom fields, and we can use those.

  • The provenance data for a local exporter is not the same as remote. Is that intentional? Seems all local files are included with their digests.
  • I think local exports should be supported. In particular I'd like to export the provenance data, sign it, and upload it to a different data store.

Each exporter produces different output formats. The remote exporter is producing a container image (where we have image manfests etc), while the local exporter is essentially just the filesystem at the root of the filesystem.

These outputs are different - so yes, they have to have different subjects in the attestation. There is the oci exporter, which exports a container to a local image store - the attestation subjects are more similar to the remote one in this case.

  • Should support for signing be added? If so, hooking into sigstore libraries may be viable.

This feels like one of the later additions, I guess it's dependent on 1.0 support in the first place? Or maybe it's orthogonal.

That said, totally a fan of this, I like the sound of that approach - I would happily support and follow along with any work in this direction.

@mlieberman85
Copy link
Author

If you have any questions around SLSA v1 I'm happy to help. I'm a maintainer of SLSA.

@tonistiigi
Copy link
Member

Definitely go over slsa-framework/slsa#716 with our initial issues with 1.0 (the issue is still open). The bottom line is that we don't want to lose any existing functionality or data that can be useful for evaluating the quality of the build.

@pjbgf
Copy link

pjbgf commented Aug 15, 2024

Hey folks! I am part of the Rancher Security team. We're looking into using BuildKit across our ecosystem for baking in provenance into our container images. So I am more than happy to help or tag team on this if needed.

The bottom line is that we don't want to lose any existing functionality or data that can be useful for evaluating the quality of the build.

Currently provenance has two modes: min and max. Would the maintainers accept the creation of a new mode to represent a strict slsa-v1? That way both min/max could be kept in line with existing, while users would still have a way to opt-in to the slsa-v1 spec if they so wished - due to hard requirements they may need to abide by.

Alternatively, would it be acceptable to make the provenance generation extensible (like the SBOM scanning protocol) so users can bring their own?

@flavio flavio mentioned this issue Aug 29, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/attestations help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@tonistiigi @mlieberman85 @tompizmor @pjbgf @jedevc @AkihiroSuda @Forrin @thompson-shaun