-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support public signing in private repositories #103
Comments
@gartnera you are correct, there is currently no supported way to attest artifacts built from private repos using the public-good Sigstore. When using the official attestation actions, private repo artifacts will always be attested using the GitHub Sigstore instance. This ensures that sensitive data from private repositories doesn't end up on the public Sigstore transparency logs. However, if you wanted to distribute the attestation bundles for your artifacts to your customers, they would be able to verify the attestation in the same way they would if it had been signed by public-good Sigstore. Clients would not be able to retrieve attestations directly from the GitHub attestations API without being given explicit permission to do so on your private repo, but if you wanted to distribute the attestations through some other channel everything should just work. Worth noting that one of the primary benefits of attesting your artifacts is to provide traceability to how/where that artifact was built. If you're publishing attestations for artifacts which were built from a private repository, you're losing a good chunk of the value the attestation provides. One work-around you could consider is to move your attestation workflow to a public repository that is triggered when the build on your private repo is complete. |
Ok so we just need to distribute the attestation bundles with the binaries, use the github trusted root (?), and disable transparency log verification.
I think there is still substantial value in proving that the binary was built on a trusted CI system with a specific commit hash. We have some third party auditors who publish their audit reports with a specific commit hash. |
Assuming you're using the Here's an example of verification using a local attestation bundle:
|
Just a +1 to being able to use the public good infra even on private repos. I understand the data we're leaking, and we think it is pretty much fine -- and that each team would need to decide for themselves. Maybe it could work if there was a good documented set of example repos, which had an attestation from the private side be validated on the public side, then was re-attested on the public side? ...What would happen if we forked this repo, and just made it always use the public good instance? |
When designing this feature, we envisioned that most users would be deploying privately built binaries into privately controlled environments and we weren't sure how to adequately support this use case (private repo -> publicly distributed binaries). As a result, we decided to err on the side of maximizing privacy assurances. Private repo -> private attestation. Using the public sigstore infrastructure doesn't buy you a ton since there is at present no easy paved path for verifying our attestations; you still need to distribute attestations to your end users. @grahamc @gartnera I'd love to understand more about your use cases. How are you distributing your built artifacts? How are your end-users meant to deploy them? How are your end-users meant to verify them? In the meantime, the following scenario could be an effective workaround:
This way your users will be able to verify your artifact via:
Hope that helps, |
We have a private repository but distribute our binaries publicly.
We would like for people to be able to validate the attestations of these binaries via the public good sigstore instances. There does not appear to be a way to push to the public good store from a private repository.
The text was updated successfully, but these errors were encountered: