Fix: Drop the CosignPredicate wrapper around SBOM attestations.
#2718
Conversation
Codecov Report
📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more @@ Coverage Diff @@
## main #2718 +/- ##
=======================================
Coverage 30.15% 30.15%
=======================================
Files 150 150
Lines 9470 9470
=======================================
Hits 2856 2856
Misses 6177 6177
Partials 437 437 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
|
Please, sign off your commits. |
|
@hectorj2f yeah, I was just letting CI run to tell me what all I broke as I juggle this and the other commit. I already signed it locally, I was just wondering whether I could save MS some money by waiting to update things 😁 |
🐛 This change drops the `CosignPredicate` that `cosign` wraps around SPDX/CycloneDX attestations.
Currently `cosign` wraps SPDX and CycloneDX attestations produced via their shortnames (`cosign attest --type {spdxjson|cyclonedx}`) in a `CosignPredicate` envelope.
However, the whole point of the in-toto `predicateType` is to specify the schema of the `predicate`, and despite using the SPDX and Cyclone predicate type URIs, this envelope violates their schema with the extra layer.
Moreover, if users were to attest these SBOMs with the explicit predicate type URI:
```
cosign attest --type https://spdx.dev/Document ...
```
Then `cosign` will NOT add this additional envelope, which makes it effectively impossible to know the schema to use for policy validation based strictly on the `predicateType` because even `cosign` will produce these attestations both
ways.
Fixes: sigstore#2126
/kind bug
Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
mattmoor
force-pushed
the
remove-envelope
branch
from
b7bd99b
to
7c68406
Compare
|
🚨 🚨 Let's not merge this until (at least) Monday 🚨 🚨 ... since I understand I'm sending breaking changes on the weekend, and I'd like to get more 👀 on this. |
|
Lgtm |
|
I think this is a good fix and I'm okay with a breaking change here but I want to understand who this would break before I approve. AFAICT there're no Sigstore tools (other than policy-controller) that we'd be breaking, and they already know about both versions of this. But from #2126:
So the question is: does Same question for tools other than trivy that might be depending on this. The alternative might be:
I'm not sure it's worth that much effort so I think I'd be okay with just merging this. Just wanted to think it through. |
|
@znewman01 So I believe that everything in the Trivy example you link will continue to work just fine because this doesn't change anything about the signatures, and these are just signing and attesting. What breaks is when the user has a Cue/Rego policy over the attestation content, then they previously had an extra |
They have an example at the bottom where they parse the output of
Yeah, that's a good point. I think I've been talked into just ripping off the band-aid, though, so I'm okay if you want to merge. |
|
@znewman01 Thanks, I missed that bit.
I'm pretty sure it doesn't, but I could be wrong. 🤔 Now you have me wondering what If Trivy doesn't support both ways today, then it is already broken today for I dislike that this could break some user policies, but at the same time because of this strange duality we also can't really advise users on how to write policies against a schema because the current mechanism violates the schema things should have. My hope is that if we "stop the bleeding" now, we can get ahead of things before this stuff goes too mainstream to walk back 🤞 |
It does not, which is exactly why I created the issue: As commented in #2307 (comment), this would also make the newly added attestation-support in Trivy obsolete. |
…gstore#2718) 🐛 This change drops the `CosignPredicate` that `cosign` wraps around SPDX/CycloneDX attestations. Currently `cosign` wraps SPDX and CycloneDX attestations produced via their shortnames (`cosign attest --type {spdxjson|cyclonedx}`) in a `CosignPredicate` envelope. However, the whole point of the in-toto `predicateType` is to specify the schema of the `predicate`, and despite using the SPDX and Cyclone predicate type URIs, this envelope violates their schema with the extra layer. Moreover, if users were to attest these SBOMs with the explicit predicate type URI: ``` cosign attest --type https://spdx.dev/Document ... ``` Then `cosign` will NOT add this additional envelope, which makes it effectively impossible to know the schema to use for policy validation based strictly on the `predicateType` because even `cosign` will produce these attestations both ways. Fixes: sigstore#2126 /kind bug Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
🐛 This change drops the
CosignPredicatethatcosignwraps around SPDX/CycloneDX attestations.Currently
cosignwraps SPDX and CycloneDX attestations produced via their shortnames (cosign attest --type {spdxjson|cyclonedx}) in aCosignPredicateenvelope.However, the whole point of the in-toto
predicateTypeis to specify the schema of thepredicate, and despite using the SPDX and Cyclone predicate type URIs, this envelope violates their schema with the extra layer.Moreover, if users were to attest these SBOMs with the explicit predicate type URI:
Then
cosignwill NOT add this additional envelope, which makes it effectively impossible to know the schema to use for policy validation based strictly on thepredicateTypebecause evencosignwill produce these attestations both ways.Fixes: #2126
/kind bug
Release Note
BREAKING: This change removes the
CosignPredicateenvelope that wraps the predicates of SPDX and CycloneDX attestations, which was a violation of the schema specified via theirpredicateTypefield.Documentation