feat: support cosign signatures in OCI-SIF files #108
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dtrudg
force-pushed
the
cosign-sourcesink-support
branch
3 times, most recently
from
834f3ad to
a34bf95
Compare
dtrudg
force-pushed
the
cosign-sourcesink-support
branch
from
a34bf95 to
588591f
Compare
Add support for cosign signatures / attestations associated with images
and indexes within OCI-SIF files.
**Storage within the OCI-SIF**
A cosign signature or attestation is an OCI image. It is associated with
the image or index it targets using a tag based approach. The signature
or attestation has a tag indicating the digest of its target.
Within an OCI-SIF file, we will store cosign signatures and annotations
so that they have a `org.opencontainers.image.ref.name` annotation in
the root index, where the `ref.name` is a placeholder `_cosign`
repository followed by the standard cosign tag, e.g.:
_cosign:sha256-432f982638b3aefab73cc58ab28f5c16e96fdb504e8c134fc58dff4bae8bf338.sig
**SourceSink**
The cosign module defines `SignedImage` and `SignedImageIndex` types,
which wrap the standard ggcr image / index types. Because
signatures / attestations are seperate images, associated with their target
by tag, a `SignedImage` or`SignedImageIndex` needs to be able to access
blobs outside of the scope of the wrapped image or index, to 'see' the
signatures / attestations.
This PR introduces a SIF `SourceSink`, which is both a `Source` and a
`Sink`. A Source implements `Get()` to return a `Descriptor` that can
provide an Image or an Index, depending on the content of the layout
and the options that Get() was called with.
A `Descriptor` can be upgraded to a `SignedDescriptor`, which provides
access to raw cosign signature/attestation images, as well as
`cosign.SignedImage/SignedImageIndex` types.
A Sink implements `Write()`, accepting a Writable which is either a
v1.Image or v1.Index. Options allow the image or index to have a
`name.ref` annotation set in the root index when it is written.
Note that at this point, cosign signature / attestation images must
be explicilty written into the SIF. `Write` does not automatically
write associated signatures / attestations if passed a `SignedImage`
/ `SignedImageIndex`.
dtrudg
force-pushed
the
cosign-sourcesink-support
branch
from
588591f to
57acf0c
Compare
wobito
approved these changes
Jan 23, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add support for cosign signatures / attestations associated with images and indexes within OCI-SIF files.
Storage within the OCI-SIF
A cosign signature or attestation is an OCI image. It is associated with the image or index it targets using a tag based approach. The signature or attestation has a tag indicating the digest of its target.
Within an OCI-SIF file, we will store cosign signatures and annotations so that they have a
org.opencontainers.image.ref.nameannotation in the root index, where theref.nameis a placeholder_cosignrepository followed by the standard cosign tag, e.g.:
SourceSink
The cosign module defines
SignedImageandSignedImageIndextypes, which wrap the standard ggcr image / index types. Because signatures / attestations are seperate images, associated with their target by tag, aSignedImageorSignedImageIndexneeds to be able to access blobs outside of the scope of the wrapped image or index, to 'see' thesignatures / attestations.
This PR introduces a SIF
SourceSink, which is both aSourceand aSink. A Source implementsGet()to return aDescriptorthat can provide an Image or an Index, depending on the content of the layout and the options that Get() was called with.A
Descriptorcan be upgraded to aSignedDescriptor, which provides access to raw cosign signature/attestation images, as well ascosign.SignedImage/SignedImageIndextypes.A Sink implements
Write(), accepting a Writable which is either a v1.Image or v1.Index. Options allow the image or index to have aname.refannotation set in the root index when it is written.Note that at this point, cosign signature / attestation images must be explicilty written into the SIF.
Writedoes not automatically write associated signatures / attestations if passed aSignedImage.