conda-store icon indicating copy to clipboard operation
conda-store copied to clipboard

Published 20 hours ago verified publisher icon conda-incubator

META: Brainstorm how Conda-Store can provide signing and guarantees around environments and builds

Open costrouc opened this issue 2 years ago • 6 comments

More security around environments

costrouc avatar Apr 30 '22 18:04 costrouc

@costrouc any interest in adding SLSA Provenance, SLSA Verification Summary Attestation (VSA), and digitally signing environments with cosign? I've been experimenting a bit with cosign, and signing conda environments and uploading/storing as OCI artifacts.

rigzba21 avatar May 05 '22 22:05 rigzba21

@rigzba21 this is exactly what I am talking about. I was at a talk at pycon about pypi packaging security and this was brought up. I'm not too knowledgable on this stuff but going to throw out some of the things mentioned:

  • Sigstore
  • https://in-toto.io/
  • https://openssf.org/blog/2021/08/11/introducing-the-allstar-github-app/ probably not as relevant.

Basically I want to increase the security guarantees that conda-store can provide.

edit: just looked into cosign and it is made by sigstore. Awesome :smile:

costrouc avatar May 06 '22 02:05 costrouc

@costrouc since conda-store already handles conda packages/environments as tarballs, blobs, and container registry (there may be more that I'm missing), it seems that cosign would pair nicely.

I've been attending a few of the OpenSSF working group meetings to get a better idea of standards, specs, and tooling.

Other notes/links:

SBOM

A Software Bill of Materials (SBOM) may also be good to have:

Formats:
Tooling:
  • syft is one that I've been using and contributing to.

Just dropping some more links here:

rigzba21 avatar May 06 '22 11:05 rigzba21

This is extremely helpful and thank you @rigzba21. Definitely plans to implement longer term but I do not see it on the short term roadmap.

costrouc avatar May 15 '22 12:05 costrouc

Repo ---------->(✅1) conda-store ---------->(✅2) end user

(✅1) One thing you can do is to verify package artifacts that you obtain from Anaconda repositories (currently only Server, Professional, or Business repos) using the signature verification feature in conda.

(✅2) As for securing the metadata and modified packages you generate, sigstore is probably a good option (though you can also use conda-content-trust if you don't mind having a long-term (instead of transitory) key). I'll have more to say on this later.

awwad avatar Jul 16 '22 19:07 awwad

Just adding here https://github.blog/2023-03-28-introducing-self-service-sboms/ that github added. @dharhas brought this up. I think that we are going to consider implementing this.

costrouc avatar Mar 29 '23 14:03 costrouc