Can't verify sbom attestation

[pputman-clabs]

I'm unable to verify the attestation of the sbom. In my workflow (added below), I create an sbom.json file which is uploaded as an artifact for sbom.spdx.json. If I download the artifact created, and run the following:

gh attestation verify ~/Downloads/sbom.spdx.json --owner my-org
Loaded digest sha256:4410592651bb3ff8fb2b74b992e89664ceff4ae0cf186e561f02b37c4361d4ff for file:///Users/my-user/Downloads/sbom.spdx.json
✗ Loading attestations from GitHub API failed

Error: failed to fetch attestations from my-org: HTTP 404: Not Found (https://api.github.com/orgs/my-org/attestations/sha256:4410592651bb3ff8fb2b74b992e89664ceff4ae0cf186e561f02b37c4361d4ff?per_page=30)

Since this is the SBOM that was generated and used with this action to sign, should I not be able to verify the attestation of this sbom file?

    - name: Generate artifact attestation
       uses: actions/attest-build-provenance@v2
       with:
        subject-name: ${{ inputs.registry }}
        subject-digest: ${{ steps.docker-build-push.outputs.digest }}
        push-to-registry: true
    

    - uses: anchore/sbom-action@v0
      id: build-sbom
      with:
        image: ${{ inputs.registry }}@${{ steps.docker-build-push.outputs.digest }}
        output-file: ./sbom.json
        artifact-name: sbom.spdx.json
      
    - name: Generate SBOM attestation
      uses: actions/attest-sbom@v1
      with: 
        subject-name: ${{ inputs.registry }}
        subject-digest: ${{ steps.docker-build-push.outputs.digest }}
        sbom-path: sbom.json
        push-to-registry: true

[bdehamer]

@pputman-clabs in order to verify the attestation, you need to supply the artifact that was attested (the subject) to the gh attestation verify command. In your case, it looks like the subject of your attestation is a container image so you'd want to do something like:

gh attestation verify oci://<image-uri> --owner my-org

[pputman-clabs]

I'm sorry, aren't we attesting to the actual SBOM, to say that yes, this is a valid bill of materials? If I'm building a provenance and sbom attestation, how do I verify them each independently?

[pputman-clabs]

just to show you that I am running an attestation verify, but it only shows the provenance attestations, nothing to do with the sbom.

gh attestation verify oci://us-west1-docker.pkg.dev/devopsre/dev-images/akeyless-action:testing --owner my-org --signer-repo my-org/reusable-workflows
Loaded digest sha256:4bd2a6f032fc1268fc8edbf949b3f97bd2595019ef9c6ebf5ec360ee2e1741bb for oci://us-west1-docker.pkg.dev/devopsre/dev-images/akeyless-action:testing
Loaded 15 attestations from GitHub API

The following policy criteria will be enforced:
- OIDC Issuer must match:................... https://token.actions.githubusercontent.com
- Source Repository Owner URI must match:... https://github.com/my-org
- Predicate type must match:................ https://slsa.dev/provenance/v1
- Subject Alternative Name must match regex: (?i)^https://github.com/my-org/reusable-workflows/

✓ Verification succeeded!

sha256:4bd2a6f032fc1268fc8edbf949b3f97bd2595019ef9c6ebf5ec360ee2e1741bb was attested by:
REPO                         PREDICATE_TYPE                  WORKFLOW                                                   
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha
my-org/reusable-workflows  https://slsa.dev/provenance/v1  .github/workflows/docker-build.yaml@refs/heads/v3.0.0-alpha

[bdehamer]

By default, the attestation verify command will only verify provenance attestations. If you want to work with your SBOM attestations you'll need to use the --predicate-type flag:

gh attestation verify oci://<image-uri> --predicate-type https://spdx.dev/Document/v2.3 --owner my-org

[joshjohanning]

@pputman-clabs To tie a loop here, you use the --predicate-type https://spdx.dev/Document/v2.3 flag to ask if there is an attestation for your subject (in your case a container image uri, in my case a file)

You can then use the --format json parameter to output more information about that attestation.

As an example for a file (not a container image) that I wanted to verify:

gh attestation verify build.tar.gz \
  --owner joshjohanning-org \
  --predicate-type https://spdx.dev/Document/v2.3 \
  --format json \
  --jq '.[].verificationResult.statement.predicate'

Result (you can see packages references here):

I am using the SBOM artifact created in GitHub for my example. Here is the relevant snippet from the workflow file:

      - uses: advanced-security/generate-sbom-action@v1
        id: gensbom

      - name: Attest SBOM
        uses: actions/attest-sbom@v2
        with:
          subject-path: 'staging/build.tar.gz'
          sbom-path: '${{ steps.gensbom.outputs.fileName }}'