Skip to content

Commit

Permalink
ci: verify provenance for guest-components
Browse files Browse the repository at this point in the history
The GC and agent artifacts attestations are being verified, so far
this is only toggled on for mkosi on fedora images.

Signed-off-by: Magnus Kulke <[email protected]>
  • Loading branch information
mkulke committed Oct 22, 2024
1 parent 4de6783 commit ca04b04
Show file tree
Hide file tree
Showing 7 changed files with 83 additions and 13 deletions.
5 changes: 4 additions & 1 deletion .github/workflows/azure-podvm-image-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -61,9 +61,12 @@ jobs:
sudo mv uplosi /usr/local/bin
- name: Build binaries
env:
TEE_PLATFORM: az-cvm-vtpm
VERIFY_PROVENANCE: yes
run: |
make fedora-binaries-builder
TEE_PLATFORM=az-cvm-vtpm make binaries
make binaries
- name: Build image
run: make image
Expand Down
5 changes: 5 additions & 0 deletions src/cloud-api-adaptor/hack/verify-provenance.sh
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@ if [[ "$oci_artifact" =~ @sha256:[a-fA-F0-9]{32}$ ]]; then
exit 1
fi

cleanup() {
rm -f "$attestation_bundle"
}
trap cleanup EXIT SIGINT SIGTERM

# Convention by gh cli
attestation_bundle="${oci_artifact#*@}.jsonl"

Expand Down
2 changes: 2 additions & 0 deletions src/cloud-api-adaptor/podvm-mkosi/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ PODVM_DISTRO ?= fedora
PODVM_TAG ?= $(VERSIONS_HASH)
PODVM_NAME ?= $(REGISTRY)/podvm-generic-$(PODVM_DISTRO)-$(ARCH)
PODVM_CONTAINER_NAME ?= $(REGISTRY)/podvm-docker-image
VERIFY_PROVENANCE ?= no

.DEFAULT_GOAL := all
.PHONY: all
Expand Down Expand Up @@ -56,6 +57,7 @@ endif
--build-arg PAUSE_VERSION=$(PAUSE_VERSION) \
--build-arg PAUSE_BIN=$(PAUSE_BIN) \
--build-arg IMAGE_NAME=mkosi-podvm-binaries \
--build-arg VERIFY_PROVENANCE=$(VERIFY_PROVENANCE) \
$(if $(AUTHFILE),--build-arg AUTHFILE=$(AUTHFILE),) \
$(if $(DEFAULT_AGENT_POLICY_FILE),--build-arg DEFAULT_AGENT_POLICY_FILE=$(DEFAULT_AGENT_POLICY_FILE),) \
-o type=local,dest="./resources/binaries-tree" \
Expand Down
2 changes: 2 additions & 0 deletions src/cloud-api-adaptor/podvm/Dockerfile.podvm_binaries.fedora
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ ARG PAUSE_REPO
ARG PAUSE_VERSION
ARG PAUSE_BIN
ARG IMAGE_NAME
ARG VERIFY_PROVENANCE

ENV AUTHFILE=${AUTHFILE}
ENV PAUSE_REPO=${PAUSE_REPO}
Expand All @@ -38,6 +39,7 @@ ENV TEE_PLATFORM=${TEE_PLATFORM}
ENV ARCH=${ARCH}
ENV DEFAULT_AGENT_POLICY_FILE=${DEFAULT_AGENT_POLICY_FILE}
ENV IMAGE_NAME=${IMAGE_NAME}
ENV VERIFY_PROVENANCE=${VERIFY_PROVENANCE}

# Set these as they are required in the Makefile
ENV IMAGE_URL="none"
Expand Down
6 changes: 5 additions & 1 deletion src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.fedora
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,13 @@ RUN dnf groupinstall -y 'Development Tools' && \
dnf install -y yum-utils gnupg git perl-core pkg-config libseccomp-devel gpgme-devel \
device-mapper-devel unzip libassuan-devel \
perl-FindBin openssl-devel tpm2-tss-devel \
clang which xz && \
clang which xz jq && \
dnf clean all

RUN dnf install 'dnf-command(config-manager)' && \
dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo && \
dnf install -y gh --repo gh-cli

ADD https://dl.google.com/go/go${GO_VERSION}.linux-${ARCH}.tar.gz go${GO_VERSION}.linux-${ARCH}.tar.gz
RUN rm -rf /usr/local/go && tar -C /usr/local -xzf go${GO_VERSION}.linux-${ARCH}.tar.gz && rm -f go${GO_VERSION}.linux-${ARCH}.tar.gz

Expand Down
74 changes: 64 additions & 10 deletions src/cloud-api-adaptor/podvm/Makefile.inc
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,32 @@ AGENT_POLICY ?= yes
AGENT_POLICY_PATH := $(FILES_DIR)/etc/kata-opa
DEFAULT_AGENT_POLICY_FILE ?= allow-all.rego

# Run github artifact provenance verifications
VERIFY_PROVENANCE ?= no
GUEST_COMPONENTS_REPO := confidential-containers/guest-components
KATA_REPO := kata-containers/kata-containers

# probe version if the ref does not appear to be a git commit digest
ifeq ($(shell echo $(GUEST_COMPONENTS_REF) | grep -E "[0-9a-f]{40}"),)
GUEST_COMPONENTS_COMMIT := $(shell curl \
--silent \
--retry 3 \
https://api.github.com/repos/$(GUEST_COMPONENTS_REPO)/commits/v$(GUEST_COMPONENTS_REF) \
| jq -e -r .sha)
else
GUEST_COMPONENTS_COMMIT := $(GUEST_COMPONENTS_REF)
endif

# probe version if the ref does not appear to be a git commit digest
ifeq ($(shell echo $(KATA_REF) | grep -E "[0-9a-f]{40}"),)
KATA_COMMIT := $(shell curl \
--silent \
--retry 3 \
https://api.github.com/repos/$(KATA_REPO)/commits/v$(KATA_REF) \
| jq -e -r .sha)
else
KATA_COMMIT := $(KATA_REF)
endif

FORCE_TARGET := $(if $(FORCE),force,)

Expand Down Expand Up @@ -71,7 +97,14 @@ PROCESS_USER_DATA = $(FILES_DIR)/usr/local/bin/process-user-data

# Allow BINARIES to be overriden externally

BINARIES ?= $(AGENT_PROTOCOL_FORWARDER) $(KATA_AGENT) $(PAUSE) $(ATTESTATION_AGENT) $(CONFIDENTIAL_DATA_HUB) $(API_SERVER_REST) $(PROCESS_USER_DATA)
BINARIES ?= \
$(AGENT_PROTOCOL_FORWARDER) \
$(API_SERVER_REST) \
$(ATTESTATION_AGENT) \
$(CONFIDENTIAL_DATA_HUB) \
$(KATA_AGENT) \
$(PAUSE) \
$(PROCESS_USER_DATA)

SKOPEO_SRC ?= skopeo
SKOPEO_BIN ?= $(SKOPEO_SRC)/bin/skopeo
Expand All @@ -84,6 +117,32 @@ PAUSE_SRC = pause
# Allows to override
PAUSE_BUNDLE ?= pause_bundle

define pull_agent_artifact
$(eval $(call generate_tag,tag,$(KATA_REF),$(ARCH)))
$(eval OCI_IMAGE := $(KATA_REGISTRY)/agent)
$(eval OCI_DIGEST := $(shell oras resolve $(OCI_IMAGE):${tag}))
$(eval OCI_REF := $(OCI_IMAGE)@$(OCI_DIGEST))
$(if $(filter yes,$(VERIFY_PROVENANCE)),$(ROOT_DIR)hack/verify-provenance.sh \
-a $(OCI_REF) \
-r $(KATA_REPO) \
-d $(KATA_COMMIT))
oras pull $(OCI_REF)
endef

# $(1) - Artifact name
# $(2) - Tag suffix
define pull_gc_artifact
$(eval $(call generate_tag,tag,$(GUEST_COMPONENTS_REF),$(2)))
$(eval OCI_IMAGE := $(GUEST_COMPONENTS_REGISTRY)/$(1))
$(eval OCI_DIGEST := $(shell oras resolve $(OCI_IMAGE):${tag}))
$(eval OCI_REF := $(OCI_IMAGE)@$(OCI_DIGEST))
$(if $(filter yes,$(VERIFY_PROVENANCE)),$(ROOT_DIR)hack/verify-provenance.sh \
-a $(OCI_REF) \
-r $(GUEST_COMPONENTS_REPO) \
-d $(GUEST_COMPONENTS_COMMIT))
oras pull $(OCI_REF)
endef

# Clone a specific commit/tag/branch of a repo.
# $(1) - Repository URL
# $(2) - Destination directory
Expand Down Expand Up @@ -119,8 +178,7 @@ $(PROCESS_USER_DATA): always
install -D --compare "$(ROOT_DIR)/process-user-data" "$@"

$(KATA_AGENT): $(FORCE_TARGET)
$(eval $(call generate_tag,tag,$(KATA_REF),$(ARCH)))
oras pull $(KATA_REGISTRY)/agent:${tag}
$(call pull_agent_artifact)
tar xvJpf kata-static-agent.tar.xz
install -D --compare "./usr/bin/kata-agent" "$@"

Expand Down Expand Up @@ -150,21 +208,17 @@ $(PAUSE): | $(PAUSE_SRC) $(UMOCI_SRC)/umoci
$(UMOCI_SRC)/umoci unpack --rootless --image "$(PAUSE_SRC):$(PAUSE_VERSION)" "${FILES_DIR}/$(PAUSE_BUNDLE)"

$(ATTESTATION_AGENT): $(FORCE_TARGET)
$(eval SUFFIX := $(TEE_PLATFORM)_$(ARCH))
$(eval $(call generate_tag,tag,$(GUEST_COMPONENTS_REF),$(SUFFIX)))
oras pull $(GUEST_COMPONENTS_REGISTRY)/attestation-agent:${tag}
$(call pull_gc_artifact,attestation-agent,$(TEE_PLATFORM)_$(ARCH))
tar xvJpf attestation-agent.tar.xz
install -D --compare attestation-agent "$@"

$(CONFIDENTIAL_DATA_HUB): $(FORCE_TARGET)
$(eval $(call generate_tag,tag,$(GUEST_COMPONENTS_REF),$(ARCH)))
oras pull $(GUEST_COMPONENTS_REGISTRY)/confidential-data-hub:${tag}
$(call pull_gc_artifact,confidential-data-hub,$(ARCH))
tar xvJpf confidential-data-hub.tar.xz
install -D --compare confidential-data-hub "$@"

$(API_SERVER_REST): $(FORCE_TARGET)
$(eval $(call generate_tag,tag,$(GUEST_COMPONENTS_REF),$(ARCH)))
oras pull $(GUEST_COMPONENTS_REGISTRY)/api-server-rest:${tag}
$(call pull_gc_artifact,api-server-rest,$(ARCH))
tar xvJpf api-server-rest.tar.xz
install -D --compare api-server-rest "$@"

Expand Down
2 changes: 1 addition & 1 deletion src/cloud-api-adaptor/versions.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ oci:
tag: 3.9
kata-containers:
registry: ghcr.io/kata-containers/cached-artefacts
reference: 3.9.0
reference: 9a33a3413b222868232402a7412562f4f6fb5736
guest-components:
registry: ghcr.io/confidential-containers/guest-components
reference: d8da69072424e496486dfb5421a26f16ff2a7abf

0 comments on commit ca04b04

Please sign in to comment.