-
-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Attest build provenance of artifacts #122
Conversation
Looks almost too easy! ;) I’m also not sure how to test it… @sethmlarson any opinions on correctness and/or testability? 🤔 |
Since you're uploading the artifacts to GitHub's artifact store having this signature information makes sense to me. I don't see any issues with the implementation, for testing you could run the action and then verify it with GitHub's CLI against the repository? Doing that once manually might be enough without needing to encode it into CI. |
Right, if both of you give it a 👍 I’m fine. I’ll try to land plus ship before PyCon! @hugovk changelog would be nice. 🤓 |
Added! |
One minor note: this is going to use GitHub's attestation format, which isn't what we're currently standardizing with PEP 740 😅. Given how easy it is to use GitHub's feature, however, I'm tempted to adapt PEP 740 to make it compatible with their approach. But I'll need to get in front of a computer on Monday to see what that'll involve 🙂 (TL;DR PyPI won't accept attestations in this format under the current proposed PEP. But that isn't necessarily a blocker here, since these ones are only ending up in GitHub's store anyways.) |
Maybe we should just stress the fact that it’s GH’s store for now and maybe convene at PyCon NEXT WEEK? 😱 |
@woodruffw This is what I was thinking too but because the artifacts aren't destined for PyPI (and if they are, publish provenance will happen in the upload action) maybe it's okay to only do GitHub's? Let's all chat at PyCon! |
Sounds good! |
I think we could/should still ship it until then, right? Would it make sense to rename it to |
Something like that sounds good. I can make the change soon but I'll be in a big metal cylinder and won't be able to push for many hours, so please take over if you like :) |
Safe travels, I'll be with you in thoughts. 😜 |
Hmm, what does this mean: Does it need more setup (that should be documented) or did it catch the fact I'm trying to attest a package from a "wrong" repo? |
I think it's the latter: GitHub Actions only grants the (IMO the way it fails is pretty bad: ideally the workflow would fail on Concretely, I think this workflow step needs to be skipped on non-first-party PRs or made to run only on a specific branch Edit: for context, here's how I perform a skip in a similar repo: if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork i.e.: "run this step if it's not a PR or it's a PR, but the PR is not from a fork." |
This reverts commit 6a782e1.
OK, cool. Otherwise this should be fit to ship? I plan some panicked and haphazard releases before (lolsob) PyCon, so that would be a nice demo I guess? |
Yep, LGTM! |
I realized I didn't post in the related PR, so cross-linking my concerns on why this coupled implementation is dangerous: #105 (comment). |
Relates to #105.
Attest using https://github.com/actions/attest-build-provenance which uses Sigstore.
See https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/ for more info.
I'm not really sure how to test this, or if you want to add this. Feel free to take over, or close :)
It's very easy to add it to a regular workflow, for example:
hugovk/tinytext@50f5520
It signs the files before uploading to PyPI.
Then you can download them from https://test.pypi.org/project/tinytext/3.6.1.dev93/#files and verify the owner or repo using the GitHub CLI: