provenance slsa v1

[crazy-max]

fixes #3684

Adds support for SLSA provenance v1. This is currently opt-in with a new version attribute:

# buildctl
buildctl build \
    --frontend=dockerfile.v0 \
    --local context=. \
    --local dockerfile=. \
    --opt attest:provenance=version=v1

# buildx
docker buildx build --provenance version=v1 .

If version is not set it defaults to v0.2.

Examples

docker buildx build --tag crazymax/buildkit:slsa02-min --push --provenance version=v0.2,mode=min .

• https://explore.ggcr.dev/?image=crazymax%2Fbuildkit%3Aslsa02-min
• https://explore.ggcr.dev/?blob=crazymax/buildkit@sha256:9c5eaeea713561542b9be38500df6aee17aa950681ed560d1b76a526965db694&mt=application%2Fvnd.in-toto%2Bjson&size=2208

---

docker buildx build --tag crazymax/buildkit:slsa02-max --push --provenance version=v0.2,mode=max .

• https://explore.ggcr.dev/?image=crazymax%2Fbuildkit%3Aslsa02-max
• https://explore.ggcr.dev/?blob=crazymax/buildkit@sha256:d48406772bf3baa98d28055014e6c55307bb2468bc721d1a9678f35a01250e83&mt=application%2Fvnd.in-toto%2Bjson&size=61875

---

docker buildx build --tag crazymax/buildkit:slsa1-min --push --provenance version=v1,mode=min .

• https://explore.ggcr.dev/?image=crazymax%2Fbuildkit%3Aslsa1-min
• https://explore.ggcr.dev/?blob=crazymax/buildkit@sha256:7fa2986eb7130131f23880bc196e3891d5bd6a99c6752222f555650841ffe818&mt=application%2Fvnd.in-toto%2Bjson&size=2246

---

docker buildx build --tag crazymax/buildkit:slsa1-max --push --provenance version=v1,mode=max .

• https://explore.ggcr.dev/?image=crazymax%2Fbuildkit%3Aslsa1-max
• https://explore.ggcr.dev/?blob=crazymax/buildkit@sha256:8aefb03d9677c5d82010f86eee78fee4ddeecec7b8e1fec42230597429d162c3&mt=application%2Fvnd.in-toto%2Bjson&size=61914

cc @mlieberman85 @lehors @cdupuis

[crazy-max]

Didn't set the builder components versions. I can't find any real use cases in the wild atm. Maybe setting BuildKit version would be fine but as BuildKit has backward compatibility guarantee, it should not affect reproducibility.

[crazy-max]

For backward compatiblity with tools using v0.2.

[crazy-max]

@tonistiigi As discussed offline we would want an opt-in to enable SLSA v1 for provenance in build history. I guess this would not be through the new version attribute but a builtin-var like BUILDKIT_HISTORY_PROVENANCE_SLSA that takes the version as value?

[crazy-max]

Added opt-in for provenance slsa v1 for build record history

[crazy-max]

Don't think we care much about it but found in the spec that extension fields should have a specific format: https://slsa.dev/spec/v1.1/provenance#extension-fields

Extension fields SHOULD use names of the form <vendor>_<fieldname>, e.g. examplebuilder_isCodeReviewed. This practice avoids field name collisions by namespacing each vendor. Non-extension field names never contain an underscore.

[crazy-max]

Updated docs and examples with pushed images.

[AkihiroSuda]

Any reason to still stick to v0.2 by default?

[tonistiigi]

For backwards compatibility with existing tools. We need to give the tools some time to upgrade their compatibility and test, then we can switch the default.

[tonistiigi]

"_type": "https://in-toto.io/Statement/v0.1",
"predicateType": ["https://slsa.dev/provenance/v1"](https://slsa.dev/provenance/v1),

Spec seems to use "_type": "https://in-toto.io/Statement/v1", although I don't see constant in library.

I don't think digestMapping and llbDefinition should be in externalParameters. Afaics this is things that resembles build request from user. I think they could be in internalParameters iiuc or completely separate extension field.

Because the builder.id is more important now, I wonder if we should fill in some generic one (linking to our docs). Maybe even different ones depending on if build is complete, hermetic. I think we also need to add a way to set version, not sure if there is ever any need to builderDependencies.

Extension fields SHOULD use names of the form _, e.g. examplebuilder_isCodeReviewed. This practice avoids field name collisions by namespacing each vendor. Non-extension field names never contain an underscore.

So maybe buildkit_completeness, buildkit_layers would be enough?

byproducts

This can be follow-up but should also think how we can create links to logs etc (eg. in Github actions) here.

"environment": {
"platform": "linux/amd64"
}

I'm not sure if we need nesting in here. Just nativePlatform/systemPlatform etc. unless we think we will have more properties for environment. "environment" was field in v0.2 afaics. Similar for configSource but don't have better naming ideas there.

[tonistiigi]

We can create a tracking issue to revert this and convert from 1 to 02, as eventually we want to remove 02.

[tonistiigi]

This should be actual URL iiuc. We can point it to docs file of github I think as it probably isn't very easy for us to update mobyproject.org

[crazy-max]

Updated to https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md. I looked at others buildType in the wild such as https://cloud.google.com/build/gcb-buildtypes/google-worker/v1. Maybe a dedicated page for v1 would be better.

[tonistiigi]

does this make more sense as "request"?

[crazy-max]

Yes request looks more aligned, will change that.

[tonistiigi]

@mlieberman85 @Forrin @pjbgf @MarkLodato @patricklawsongoogle PTAL

[crazy-max]

"_type": "https://in-toto.io/Statement/v0.1",
"predicateType": ["https://slsa.dev/provenance/v1"](https://slsa.dev/provenance/v1),

Spec seems to use "_type": "https://in-toto.io/Statement/v1", although I don't see constant in library.

Yes I didn't set the in-toto statement header to v1 here. Was thinking it could be a follow-up as I don't think the underlying provenance v1 predicate requires a specific in-toto version but I agree that we should consider updating to v1 (#4269). cc @cdupuis

I don't think digestMapping and llbDefinition should be in externalParameters. Afaics this is things that resembles build request from user. I think they could be in internalParameters iiuc or completely separate extension field.

Oh indeed, buildConfig should definitely be in internalParameters.

So maybe buildkit_completeness, buildkit_layers would be enough?

Yes this is what I was thinking but that's not a requirement from the spec. Happy to change it if we want to.

I'm not sure if we need nesting in here. Just nativePlatform/systemPlatform etc. unless we think we will have more properties for environment. "environment" was field in v0.2 afaics.

I kept environment on purpose so it matches completness.environment: https://github.com/moby/buildkit/pull/6005/files#diff-8a8a99742261bb2be81ed3891c4978554577af9c45acc5b642148f69489045afR190

Similar for configSource but don't have better naming ideas there.

I looked at the Google's buildType: https://cloud.google.com/build/gcb-buildtypes/google-worker/v1. They name it buildConfigSource.

byproducts

This can be follow-up but should also think how we can create links to logs etc (eg. in Github actions) here.

Yes for GHA logs it could be this kind of URI https://github.com/docker/buildx/suites/39847479240/logs?attempt=1 but need to think about how we can pass byproducts in the build request (name + uri + digest).

[tonistiigi]

Yes this is what I was thinking but that's not a requirement from the spec. Happy to change it if we want to.

If the old format is based on v0.2 requirements that don't exist anymore then I think we should change it. Does it mean mixing snake and camelcase though?

I kept environment on purpose so it matches completness.environment:

But that doesn't exist anymore after v0.2.

Could you push new images after updates.

[crazy-max]

If the old format is based on v0.2 requirements that don't exist anymore then I think we should change it.

Yes old format of field names for extension fields are URIs.

Does it mean mixing snake and camelcase though?

Yes looks like it: https://slsa.dev/spec/v1.1/provenance#extension-fields

But that doesn't exist anymore after v0.2.

True, I just wanted to keep Completeness struct as there is no equivalent in v1. I'm revisiting that to be aligned with v1.