-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add slsa v1?draft provenance experimental support #470
Conversation
Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Asra Ali <asraa@google.com>
cc @laurentsimon this is ready for review. |
Signed-off-by: Asra Ali <asraa@google.com>
// one must be set. We already check to ensure that they are mutually exclusive. | ||
if ExperimentalEnabled() { | ||
if !(cmd.Flags().Changed("provenance-path") || | ||
cmd.Flags().Changed("bundle-path")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm curious if we want another options for this or simply re-use provenance-path
?
Does a new option require users to be "aware" of the "type" of provenance file they want to verify? Is this OK?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm good point, from our perspective we will be having generators that may output DSSE or sigstore bundle, and clients may still want a uniform interface rather than switching over the extension type.
I can update to allow that -- we'll have to test unmarshal both to figure out the right type, but it will actually clean up the interface.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought about this too but didn't comment since I figured that having separate options has the benefit of avoiding format type detection logic. If all types have the same security implications then probably it's fine, but if one format could be more secure than others then we might have to worry about downgrades.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So long as we turn this option on my default the same content is present and same validations will occur. So let's definitely resolve this one before releasing.
Signed-off-by: Asra Ali asraa@google.com
Description:
feat: Adds slsa v1?draft provenance support with unit SLSA v1 provenance tests
feat: [EXPERIMENTAL] Adds
--bundle-path
option to specify a Sigstore bundle.test: I've added unit tests with the SLSA v1 provenance.
Follow-up issue:
Fixes #464
Fixes #441