sigstore: default blob attestation verification to SLSA provenance v1 by crazy-max · Pull Request #1060 · docker/actions-toolkit

relates to https://github.com/docker/github-builder/actions/runs/24074179428/job/70218412185#step:14:65

  Verifying signed artifact /tmp/buildx-output/linux_amd64/hello.txt
  /home/runner/work/_temp/docker-actions-toolkit-NBoV3A/cosign-bin/cosign verify-blob-attestation --new-bundle-format --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp ^https://github.com/docker/github-builder/.github/workflows/bake.yml.*$ --bundle /tmp/buildx-output/linux_amd64/provenance.sigstore.json /tmp/buildx-output/linux_amd64/hello.txt
  Error: invalid predicate type, expected custom got https://slsa.dev/provenance/v1
  error during command execution: invalid predicate type, expected custom got https://slsa.dev/provenance/v1

Cosign used to silently ignore the missing predicate type in this path, but 3.0.6 started enforcing it (see sigstore/cosign#4801) and fails with:

invalid predicate type, expected custom got https://slsa.dev/provenance/v1

Our signed provenance blobs are SLSA v1 attestations, so defaulting verification to slsaprovenance1 fixes the regression without forcing every caller to pass an obvious constant.
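To see why the default matters, the following added example (not code from this PR or from docker/actions-toolkit) decodes the DSSE envelope inside a new-format sigstore bundle, reads the in-toto statement's predicateType, and maps it to the alias cosign expects for `--type`, so the verify command is built with the right predicate type instead of cosign's `custom` default. The bundle below is constructed inline with a placeholder signature (this script inspects the payload only and verifies nothing), and the URI-to-alias table is my reading of cosign's predicate-type list, so treat it as an assumption to check against the cosign release you run.

```python
import base64
import json

# in-toto statements ride inside a DSSE envelope with this payloadType.
IN_TOTO_PAYLOAD_TYPE = "application/vnd.in-toto+json"

# predicateType URI -> cosign `--type` alias. Assumption: this mirrors cosign's
# own alias table; confirm with `cosign verify-blob-attestation --help`.
COSIGN_TYPE_BY_PREDICATE = {
    "https://slsa.dev/provenance/v1": "slsaprovenance1",
    "https://slsa.dev/provenance/v0.2": "slsaprovenance02",
    "https://cosign.sigstore.dev/attestation/v1": "custom",
    "https://spdx.dev/Document": "spdxjson",
    "https://cyclonedx.org/bom": "cyclonedx",
}


def make_bundle(predicate_type: str) -> dict:
    """Constructed sample bundle (new bundle format) wrapping an in-toto statement.

    The signature is a placeholder; nothing here is cryptographically valid.
    """
    statement = {
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": "hello.txt", "digest": {"sha256": "00" * 32}}],
        "predicateType": predicate_type,
        "predicate": {},
    }
    payload = base64.b64encode(json.dumps(statement).encode()).decode()
    return {
        "mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json",
        "verificationMaterial": {},
        "dsseEnvelope": {
            "payload": payload,
            "payloadType": IN_TOTO_PAYLOAD_TYPE,
            "signatures": [{"sig": "PLACEHOLDER", "keyid": ""}],
        },
    }


def statement_from_bundle(bundle: dict) -> dict:
    """Decode the DSSE payload and return the in-toto statement as a dict."""
    env = bundle.get("dsseEnvelope")
    if env is None:
        raise ValueError("bundle has no dsseEnvelope; not a DSSE attestation bundle")
    if env.get("payloadType") != IN_TOTO_PAYLOAD_TYPE:
        raise ValueError(f"unexpected payloadType {env.get('payloadType')!r}")
    statement = json.loads(base64.b64decode(env["payload"], validate=True))
    if not str(statement.get("_type", "")).startswith("https://in-toto.io/Statement/"):
        raise ValueError(f"payload is not an in-toto statement: {statement.get('_type')!r}")
    return statement


def cosign_type_for(statement: dict) -> str:
    """Return the cosign --type alias for the statement's predicateType."""
    predicate_type = statement.get("predicateType")
    if not predicate_type:
        raise ValueError("statement has no predicateType")
    try:
        return COSIGN_TYPE_BY_PREDICATE[predicate_type]
    except KeyError:
        raise ValueError(f"no cosign --type alias known for {predicate_type!r}") from None


def verify_args(bundle: dict, bundle_path: str, blob_path: str,
                issuer: str, identity_regexp: str) -> list:
    """Build the cosign verify-blob-attestation argv with --type set explicitly."""
    alias = cosign_type_for(statement_from_bundle(bundle))
    return [
        "cosign", "verify-blob-attestation", "--new-bundle-format",
        "--type", alias,
        "--certificate-oidc-issuer", issuer,
        "--certificate-identity-regexp", identity_regexp,
        "--bundle", bundle_path, blob_path,
    ]


if __name__ == "__main__":
    bundle = make_bundle("https://slsa.dev/provenance/v1")
    print(" ".join(verify_args(
        bundle, "provenance.sigstore.json", "hello.txt",
        "https://token.actions.githubusercontent.com",
        r"^https://github.com/docker/github-builder/.github/workflows/bake.yml.*$",
    )))
```

Running the script on a v1 provenance bundle yields a command carrying `--type slsaprovenance1`; feeding it a v0.2 statement yields `slsaprovenance02` instead, and an unknown predicate raises rather than silently falling back to `custom`, which is exactly the mismatch cosign 3.0.6 now rejects.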