cosign icon indicating copy to clipboard operation
cosign copied to clipboard
verified publisher icon sigstore

Attaching the signature artifact to the Image artifact

Open wieringen opened this issue 1 year ago • 8 comments

When I use oras (or gcloud artifacts attachments create) to attach an artifact to an image artifact, it's displayed in a parent/child relation in the UI of Google Cloud Artifact registry.

Screenshot 2024-11-15 at 15 35 16

When I use cosign this is not the case. The signature artifact is displayed like a normal artifact and no relationship is visible at first glance.

After comparing some of the manifests, I noticed that oras adds a field called subject to the manifest of the added artifact with a reference to the digest of the image artifact. "subject": { "mediaType": "application/vnd.oci.image.index.v1+json", "digest": "sha256:the_digest_of_the_image", "size": 856 }

https://github.com/opencontainers/image-spec/pull/1020 https://github.com/docker/build-push-action/issues/1260

You can use the following command oras attach --artifact-type doc/example --annotation "key1=val1" --annotation "key2=val2" localhost:5000/hello:v1 to quickly create an attached artifact at that location.

Can cosign support the subject field as well?

wieringen avatar Nov 15 '24 15:11 wieringen

That's already possible:

  • https://github.com/sigstore/cosign/pull/2684

Try:

COSIGN_EXPERIMENTAL=1 cosign sign --registry-referrers-mode=oci-1-1 ...

But generally speaking, OCI-1.1 support in Cosign is poor and it doesn't seem like there has been any improvement in a very long time. In particular, it's still not possible to attach attestations in an OCI compliant way. For that reason we're thinking about migrating away from Cosign. (In fact, I found this issue while investigating if there have been any improvements over the last year or so, but sadly it doesn't look that way.)

ChristianCiach avatar Dec 16 '24 16:12 ChristianCiach

Thanks for your reply! My experience has been the same as yours. I noticed that it’s possible to attach an artifact in an oci1.1 compliant way, but oci1.1 for attestations is not supported. What other options besides cosign are there?

wieringen avatar Dec 16 '24 17:12 wieringen

OCI 1.1 support is planned - https://github.com/sigstore/cosign/blob/main/specs/BUNDLE_SPEC.md

haydentherapper avatar Dec 16 '24 18:12 haydentherapper

https://github.com/moby/buildkit/issues/5561

buildkit is adding support in v0.19.0

wieringen avatar Dec 17 '24 10:12 wieringen

The proposed Bundle-spec will be just another breaking change that makes all existing attachments and tooling incompatible, yet again. Also, I need to attach signatures and SBOMs in a future-proof way right now.

What other options besides cosign are there?

I am currently looking into Notation/NotaryV2 in combination with ORAS. My plan is to just push my SBOMs as true OCI attachments (Referrers API) using ORAS and maybe sign them using Notation. I am not saying that these tools are "better" than Cosign, but at least they seem committed to their specifications without deprecating everything every year.

ChristianCiach avatar Dec 17 '24 10:12 ChristianCiach

The planned OCI 1.1 referring artifact support for attestations (Bundle-spec) is in active development here and should be available very soon as an optional feature in Cosign.

We've been very deliberate in designing the new specifications and this PR is part of a series of client standardization efforts that have been ongoing for nearly two years, centered on the Sigstore Bundle Format. The other language clients are cross-compatible and Cosign is the last to be updated, as we take breaking changes very seriously.

codysoyland avatar Dec 17 '24 19:12 codysoyland

I'll also point out https://github.com/sigstore/cosign/issues/3927 as a solution for signatures as OCI artifacts, as the spec I linked is for attestations.

@ChristianCiach, adapting based on feedback from consumers and evolving the specification based on progress across the ecosystem is a natural part of development. Yes, in this example, there is a breaking change in terms of the format so old Cosign versions will not be compatible, but it's not accurate to say existing attachments will fail. We can continue to support verification of the current signature specification.

We want to standardize on the format of the signature and its verification material across Sigstore clients and SDKs. Cosign is actually the outlier in this case as bundles are already implemented in 5 Sigstore SDKs. We've made a lot of progress recently towards supporting this newer bundle format in Cosign, launched in Cosign v2.4.0. The bundle specification I've linked is our answer to OCI 1.1 and bundles - using OCI 1.1 with the current spec for the signature format keeps Cosign divergent and incompatible with the rest of the ecosystem, and using annotations to store bundles makes no progress towards OCI 1.1.

We are always open to feedback or PRs from the community.

haydentherapper avatar Dec 17 '24 19:12 haydentherapper

Thanks a lot, guys! Everything is a lot clearer to me now.

wieringen avatar Dec 18 '24 09:12 wieringen