
fix(aqua): support GitHub attestation predicate fields#10169

Merged
jdx merged 1 commit into
jdx:mainfrom
risu729:codex-20260531-180052-9d8b9c
Jun 12, 2026

Conversation

@risu729 risu729 commented May 31, 2026

Contributor

Summary

  • model aqua github_artifact_attestations.predicate_type
  • pass predicate filters into GitHub attestation detection and verification for aqua packages
  • bypass the digest-only versions-host attestation cache when a predicate filter is configured

Field References

Packages Using This Field

Current aqua-registry entries using github_artifact_attestations.predicate_type:

SPDX SBOM vs SLSA Provenance

SPDX is a standard Software Bill of Materials format. An SPDX SBOM answers "what is in this artifact?" It lists package/component metadata such as dependencies, versions, relationships, licenses, and related identifiers. The predicate value https://spdx.dev/Document/v2.3 identifies an in-toto/GitHub attestation whose predicate payload is an SPDX 2.3 document.

SLSA provenance answers "where and how did this artifact come from?" It describes the source, builder, workflow, build inputs, and build parameters for an artifact. The common GitHub provenance predicate is https://slsa.dev/provenance/v1.

Short version: SPDX SBOM is inventory; SLSA provenance is build origin.

Why Foundry and Gleam Use SPDX Here

Both package entries point at release workflows that generate SBOMs and create GitHub artifact attestations with an SBOM payload. That means the attestation the registry is asking aqua/mise to verify is specifically an SPDX SBOM attestation, not the default SLSA provenance attestation.

This does not mean SLSA is unimportant or unavailable. It means this particular aqua registry field is being used to select the SBOM attestation for the release archive. Foundry also has a separate generic/provenance-style attestation step, but the aqua registry entry explicitly configures the SPDX predicate for the archive SBOM attestation.

Why aqua Supports This

GitHub artifact attestations are not limited to SLSA provenance. GitHub's API and gh attestation verify both accept a predicate type filter so callers can select provenance, SBOM, release, or custom predicate attestations. aqua exposes predicate_type so registry entries can preserve that upstream verification policy instead of hard-coding one attestation kind.

Why mise Needs This

mise consumes aqua-registry metadata. If mise ignores predicate_type, it cannot faithfully implement the registry's requested verification policy for packages like Foundry and Gleam.

Before this PR, predicate_type was not parsed or sent to GitHub. For these packages, mise treated GitHub artifact attestation verification as "find any valid attestation for this artifact and signer workflow." That could pass by verifying a different predicate type when multiple attestations exist, or pass an SPDX attestation only accidentally because the unfiltered API result happened to include it. It did not enforce "verify the SPDX SBOM attestation" as requested by aqua-registry.

This PR changes that behavior by sending predicate_type to GitHub during detection and verification. Because mise's versions-host attestation cache is keyed by digest only, predicate-filtered requests bypass that cache and query GitHub directly.

Tests

  • mise run format (includes cargo check --all-features)
  • cargo test -p aqua-registry test_github_artifact_attestations_predicate_type -- --nocapture
  • cargo test -p mise-sigstore attestations_url_includes_predicate_type -- --nocapture
  • git diff --check

Summary by CodeRabbit

  • New Features

    • GitHub artifact attestations now support an optional predicate-type filter sourced from registry metadata and applied during provenance detection and cryptographic verification, and attestation fetches include predicate-type when present.
  • Tests

    • Added unit tests covering predicate-type deserialization, URL construction including predicate-type, and predicate-filtered attestation behavior.
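
As an added example (not code from mise or from this PR), the three moving parts the description above lists, written in Rust against the standard library only: building the list-attestations request with the optional predicate_type query parameter, bypassing a digest-keyed cache when a predicate filter is set, and applying the filter at verification time so that an attestation of a different predicate type cannot satisfy the policy. The endpoint path and the per_page/predicate_type query parameters follow GitHub's documented REST API for listing attestations; the function names, the Attestation struct, the digests, the cache and the workflow identity are hypothetical or constructed. The SPDX and SLSA predicate URIs are the ones named in the description.

```rust
use std::collections::HashMap;

// Predicate types named in the PR description.
pub const SPDX_PREDICATE: &str = "https://spdx.dev/Document/v2.3";
pub const SLSA_PREDICATE: &str = "https://slsa.dev/provenance/v1";

/// Stand-in for one attestation returned by the API (constructed shape, not the
/// real bundle format): only the two fields the policy decision needs.
#[derive(Clone, Debug, PartialEq)]
pub struct Attestation {
    pub predicate_type: String,
    pub signer_workflow: String,
}

/// Where a lookup was answered from.
#[derive(Debug, PartialEq)]
pub enum Source {
    Cache,
    GitHub,
}

/// Percent-encode a query value; RFC 3986 unreserved characters pass through.
fn percent_encode(s: &str) -> String {
    let mut out = String::with_capacity(s.len());
    for b in s.bytes() {
        match b {
            b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'-' | b'.' | b'_' | b'~' => out.push(b as char),
            _ => out.push_str(&format!("%{:02X}", b)),
        }
    }
    out
}

/// Build the "list attestations for a subject digest" URL (hypothetical helper);
/// predicate_type is appended only when a filter is configured.
pub fn attestations_url(api_url: &str, owner: &str, repo: &str, digest: &str, per_page: u32, predicate_type: Option<&str>) -> String {
    let mut url = format!(
        "{}/repos/{}/{}/attestations/{}?per_page={}",
        api_url.trim_end_matches('/'), owner, repo, digest, per_page
    );
    if let Some(pt) = predicate_type {
        url.push_str("&predicate_type=");
        url.push_str(&percent_encode(pt));
    }
    url
}

/// Look up attestations for a digest. The cache is keyed by digest only, so it
/// cannot answer a predicate-filtered question; with a filter we go to GitHub.
pub fn lookup(
    cache: &HashMap<String, Vec<Attestation>>,
    github: &HashMap<String, Vec<Attestation>>,
    digest: &str,
    predicate_type: Option<&str>,
) -> (Source, Vec<Attestation>) {
    if predicate_type.is_none() {
        if let Some(hit) = cache.get(digest) {
            return (Source::Cache, hit.clone());
        }
    }
    let all = github.get(digest).cloned().unwrap_or_default();
    let filtered = match predicate_type {
        Some(pt) => all.into_iter().filter(|a| a.predicate_type == pt).collect(),
        None => all,
    };
    (Source::GitHub, filtered)
}

/// Policy check: some attestation must come from the expected signer workflow
/// and, when a predicate filter is set, carry exactly that predicate type.
pub fn verify(attestations: &[Attestation], expected_workflow: &str, predicate_type: Option<&str>) -> bool {
    attestations.iter().any(|a| {
        a.signer_workflow == expected_workflow
            && predicate_type.map_or(true, |pt| a.predicate_type == pt)
    })
}

/// Constructed fixture standing in for GitHub: artifact "sha256:aaaa" carries
/// both a SLSA and an SPDX attestation, artifact "sha256:bbbb" only SLSA.
pub fn fixture() -> HashMap<String, Vec<Attestation>> {
    let wf = "example-org/example-repo/.github/workflows/release.yml@refs/heads/main".to_string();
    let att = |p: &str| Attestation { predicate_type: p.to_string(), signer_workflow: wf.clone() };
    let mut m = HashMap::new();
    m.insert("sha256:aaaa".to_string(), vec![att(SLSA_PREDICATE), att(SPDX_PREDICATE)]);
    m.insert("sha256:bbbb".to_string(), vec![att(SLSA_PREDICATE)]);
    m
}

fn main() {
    let github = fixture();
    let wf = "example-org/example-repo/.github/workflows/release.yml@refs/heads/main";
    // A warm digest-keyed cache (constructed) that happens to hold only the SLSA attestation.
    let mut cache = HashMap::new();
    cache.insert("sha256:aaaa".to_string(), vec![Attestation {
        predicate_type: SLSA_PREDICATE.to_string(),
        signer_workflow: wf.to_string(),
    }]);
    for pt in [None, Some(SPDX_PREDICATE)].iter().copied() {
        let (src, atts) = lookup(&cache, &github, "sha256:aaaa", pt);
        println!("{}", attestations_url("https://api.github.com", "example-org", "example-repo", "sha256:aaaa", 30, pt));
        println!("predicate {:?}: answered from {:?}, {} attestation(s), verify -> {}",
            pt, src, atts.len(), verify(&atts, wf, pt));
    }
}
```

Running it shows the pre-PR behaviour and the fixed one side by side: the unfiltered lookup is answered from the cache and verifies on the SLSA attestation alone, while the SPDX-filtered lookup skips the cache, asks GitHub with predicate_type in the query string, and verifies only because an SPDX attestation from the expected workflow actually exists; for the artifact that has no SPDX attestation the filtered check fails instead of passing on a different predicate.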

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor

Code Review

This pull request introduces support for predicate_type in GitHub artifact attestations, allowing more granular filtering during verification. It also deprecates the signer-workflow field in favor of signer_workflow with a fallback getter, and updates the sigstore integration to use AttestationClient directly. A review comment suggests simplifying the merge logic for the deprecated and new signer_workflow fields in crates/aqua-registry/src/types.rs using Option::or.

Comment thread crates/aqua-registry/src/types.rs
greptile-apps Bot commented May 31, 2026

Contributor

Greptile Summary

This PR extends aqua package support to parse and forward the predicate_type field from AquaGithubArtifactAttestations, enabling mise to faithfully reproduce the GitHub attestation verification policy specified in aqua-registry entries (e.g., Foundry and Gleam's SPDX SBOM attestations). Predicate-filtered requests bypass the digest-only versions-host cache and go directly to the GitHub attestations API.

  • Adds predicate_type: Option<String> to AquaGithubArtifactAttestations and threads it through both detection (detect_attestations_with_predicate_type) and verification (verify_attestation_with_predicate_type), both of which fall back to the existing unfiltered paths when predicate_type is None.
  • Extracts attestations_url into a testable private method in mise-sigstore and adds unit tests covering predicate_type deserialization, URL construction, and the None-predicate passthrough paths.
  • COMPILED_REGISTRY_CACHE_VERSION in cache.rs was not bumped despite the rkyv struct layout change, which can silently corrupt predicate_type and signer_workflow values when loading a warm cache written by the old binary.

Confidence Score: 4/5

Safe to merge after bumping the rkyv cache version constant; all new logic paths have correct fallback behaviour and token/URL routing.

Adding predicate_type as the second field in AquaGithubArtifactAttestations changes the rkyv binary layout. Because the cache version ("v3") was not bumped, any user who upgrades with a warm compiled-registry cache will load old binary data into the new struct layout, silently producing wrong values for both predicate_type and signer_workflow. A one-character fix in cache.rs resolves it; everything else in the PR is correct and well-tested.

crates/aqua-registry/src/cache.rs: COMPILED_REGISTRY_CACHE_VERSION must be bumped from "v3" to "v4" before merging.

Important Files Changed

crates/aqua-registry/src/types.rs: Adds predicate_type: Option<String> to AquaGithubArtifactAttestations and updates merge(); COMPILED_REGISTRY_CACHE_VERSION not bumped despite rkyv binary layout change
crates/mise-sigstore/src/lib.rs: Extracts attestations_url into a testable private method and adds a unit test for predicate_type URL construction; changes are clean and correct
src/backend/aqua.rs: Routes detect and verify calls through new predicate-aware wrappers; predicate_type is read directly from the struct field (no deprecated fallback needed, unlike signer_workflow)
src/github/sigstore.rs: Adds attestation_client helper and two predicate-filtered wrappers that correctly bypass the versions-host cache and apply URL routing/token resolution

Reviews (6): Last reviewed commit: "fix(aqua): support GitHub attestation pr..."

Comment thread crates/aqua-registry/src/types.rs Outdated
@risu729 risu729 force-pushed the codex-20260531-180052-9d8b9c branch 3 times, most recently from 8f95747 to 4125e10 on May 31, 2026 15:37
coderabbitai Bot commented May 31, 2026

Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 5cb7d4fd-f640-4de0-a6aa-df8c77e2cf9c

📥 Commits

Reviewing files that changed from the base of the PR and between 00c6b09 and 47454ad.

📒 Files selected for processing (4)
  • crates/aqua-registry/src/types.rs
  • crates/mise-sigstore/src/lib.rs
  • src/backend/aqua.rs
  • src/github/sigstore.rs
🚧 Files skipped from review as they are similar to previous changes (2)
  • crates/aqua-registry/src/types.rs
  • src/backend/aqua.rs

📝 Walkthrough

This PR adds optional predicate_type filtering to GitHub artifact attestation detection and verification. Registry metadata is extended with a predicate_type field, sigstore client URL construction is refactored to apply predicate parameters, two new public API functions enable predicate-constrained attestation operations, and backend integration propagates registry-provided predicate types through the verification pipeline.

Changes

Predicate Type Support for GitHub Artifact Attestations

Layer / File(s) Summary
Registry metadata model with predicate_type field
crates/aqua-registry/src/types.rs
AquaGithubArtifactAttestations adds optional predicate_type field; merge logic propagates it when overridden; test verifies YAML deserialization of predicate_type, enabled, and signer_workflow.
Sigstore client URL construction refactor
crates/mise-sigstore/src/lib.rs
AttestationClient::attestations_url helper factors URL construction, applies per_page and optional predicate_type query parameters, and converts parse failures to AttestationError::Api; fetch_attestations refactored to use helper; test asserts predicate_type appears in URL.
Public sigstore API functions with predicate support
src/github/sigstore.rs
Imports updated for AttestationClient and FetchParams; new private attestation_client(api_url) helper resolves token and constructs client; verify_attestation_with_predicate_type fetches and verifies predicate-filtered attestations (delegates to existing function when predicate is None); detect_attestations_with_predicate_type returns whether predicate-filtered attestations exist; DetectError::SourceCreation doc comment clarified.
Backend integration with registry predicate_type
src/backend/aqua.rs
Attestation detection and verification calls switched to predicate-type variants; predicate_type extracted from pkg.github_artifact_attestations and passed to both detect_attestations_with_predicate_type and verify_attestation_with_predicate_type; comment adjusted to reflect that registry metadata drives non-cryptographic detection.

🎯 3 (Moderate) | ⏱️ ~25 minutes

🐰 A predicate type hops in, with filtering so fine,
Registry metadata and sigstore now align,
Attestations constrained with a whisker of care,
This cryptographic garden is pristine and fair!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'fix(aqua): support GitHub attestation predicate fields' accurately and directly summarizes the main change: adding support for the predicate_type field in GitHub attestation handling for aqua packages.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.


@risu729 risu729 force-pushed the codex-20260531-180052-9d8b9c branch 2 times, most recently from 428dfa5 to 00c6b09 on May 31, 2026 21:54
@risu729 risu729 marked this pull request as ready for review May 31, 2026 22:09
github-actions Bot commented Jun 9, 2026

This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 1 of 7.

Please update the PR when you have a chance. Feel free to reopen or create a new PR if it is closed and you'd like to continue working on it.

This comment was generated by an automated workflow.

@github-actions


This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 2 of 7.

Please update the PR when you have a chance. Feel free to reopen or create a new PR if it is closed and you'd like to continue working on it.

This comment was generated by an automated workflow.

@github-actions


This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 4 of 7.

Please update the PR when you have a chance. Feel free to reopen or create a new PR if it is closed and you'd like to continue working on it.

This comment was generated by an automated workflow.

@risu729 risu729 force-pushed the codex-20260531-180052-9d8b9c branch from 00c6b09 to 47454ad on June 12, 2026 15:21
@jdx jdx enabled auto-merge (squash) June 12, 2026 15:28
@jdx jdx merged commit 149d5aa into jdx:main Jun 12, 2026
33 checks passed
@risu729 risu729 deleted the codex-20260531-180052-9d8b9c branch June 12, 2026 15:36