Sigstore Sigstore Community Talks, 9 Nov 2021

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: Let's learn sigstore

Description

►►►Connect with me ►►►
► Discord: https://discord.gg/q97CAcq5
► Twitch: https://www.twitch.tv/saiyampathak
► YouTube: https://youtube.com/c/saiyam911
► GitHub: https://github.com/saiyam1814
► LinkedIn: https://www.linkedin.com/in/saiyampathak/
► Website: https://saiyampathak.medium.com/
► Instagram: http://instagram.com/saiyampathak/
► https://twitter.com/saiyampathak

A

Hello, everyone and uh welcome to day two of the cicd week. uh My name is sam pathak and um I am a cncf ambassador working as a director of technical evangelism at cevo uh building the next gen cloud platform, a lot of amazing things coming up, uh so we should watch out that space. uh Just uh before we, you know things get started. People often ask me in every stream. Like you know, uh what are the prerequisites? Do I need to know kubernetes and all that stuff.

A

So if you want to learn cube, kubernetes plenty of resources out there, uh the best one I recommend is the one that I created, which is co academy free of cost. So it is co.com academy, uh no credit card required to learn all there are more than 50, plus video lectures that you can uh curated for kubernetes that you can learn. I think that's pretty much enough for for learning communities to get started and building out stuff out there. uh It also helps you prepare for your certifications.

A

uh Then yesterday we had jason and we talked about uh techton. uh We talked about tecton, uh you know the task, the pipelines, uh the chains which we'll explore today as well, and uh we also went through some of the demos and uh yeah how you can contribute, join the slack and all things and pretty pretty good stream. I saw some of the tweets. um Thank you for that and uh it was.

A

It was really good, uh so the next one uh today is on six store, so it's basically supply chain security and uh the project. uh You know the project, six store some of the tools uh tooling around supply chain security, how we can implement that uh and bunch of other things. uh So I would welcome you all. uh You know uh to join, ask questions and you know, make it more interactive as interactive as possible. uh So again, there is.

A

There are five swags to be one thanks to the cd foundation, uh and you know um I'll post the link in the chat make sure you fill that form and yeah. Obviously, who are joining live I'll put you on the screen because you have joined live, so it makes sense to have you here uh make sure to fill that form uh so that you know we can pick just random numbers in the end and the name associated with that number just twins as as simple uh it is.

A

So it's uh basically, I think a pair of socks uh you'll get some code or something like that. I don't know how it will work, but five winners per stream is something that I can pick that I know uh so we'll do that. Another thing is uh make sure you are. You know good with each other in the chat and to the speaker uh and the presenters uh just make sure you know the conversation is pretty healthy. It's we are all here to learn.

A

We are friends, so just make sure it's good, and uh apart from this um I have dan with me. So I think uh that that enough is. That is all enough. I can say right. I have dan with me uh so we'll be talking amazing, stuff around uh supply chain um security, six store plenty of stuff why it is important, but what why it is important now why we are hearing supply chain security. There is a supply chain. uh Security talks at kubecon, wired is coming up again and again people are using it.

A

People are talking about it, bunch of integrations here and there in cicd ecosystem. So we'll definitely talk all about that and with bunch of demos that you know dan has uh tan. Can any time do a demo. So it's it's a piece of cake for him. uh So with that um you know dan uh yeah. I always forget this thing.

A

It's so bad uh make sure you subscribe to the channel, because that's what keeps me going, uh you know you have to subscribe to the channel if you are seeing- uh and if you are new, then there's a lot of cloud native content out there uh and make sure you share the streams as well with your friends, uh so that other people can benefit as well. So this is the second day of uh ci cd week. We are here to learn supply, chain security and six store.

A

I have dan with me uh so dan, please introduce yourself to the community awesome.

B

Sure thanks a lot for having me um and yeah like, like you said a second ago, please subscribe to the stream, so you can keep doing this, make sure to support him share this too. So everybody knows what we're talking about today. Yes, my name is dan lawrence. um I am one of the maintainers of the city store project which we're going to be doing some demos of and talking about and stuff.

B

Today, I've also done a bunch of other open source work over the last, probably five or six years and things like the kubernetes community. I started the mini cube project years and years and years ago, when that first got going. That was actually the first uh go code. I ever wrote I'm so sorry it was so buggy early on everybody. That was that was me, learning go and then I got pretty worried about supply chain security.

B

So I helped on the techton project, which we just heard about yesterday from jason hall and a bunch of other projects in that space, and most recently is the sig store, one which we started earlier. This kind of late, 2020 early 2021, is really when it took off um in part just because of the huge rise in interest in supply chain security which we'll go over a bit on kind of. Why that's happening now and why it's such a big topic, but six door is actually pretty not complicated, uh but a pretty broad project.

B

So there's a couple different areas to it. So it's not just one thing which makes it a little bit hard to understand, so we can go over the different components of sixth or how you can put them together, how you can use them separately, all that stuff to protect your software supply chain um yeah. So, with that we can get started.

B

I guess I've got a couple different presentations and things here so that we can jump around with to give some context on why supply chain security and open source security in particular are so important right now. So let me share my screen.

B

And yeah feel free to jump in with questions and all that stuff too. Let's keep this interactive.

B

If I'm sharing my screen and stuff, I might not see it so just feel free to interrupt and read them out loud to me, while I'm going.

B

Awesome so my screen should be going now, um and this is uh I've got this same slide in a couple different places, but this graph, I guess alone- um should kind of put some of this into perspective. uh Going back all the way to 2015.

B

here kind of shows the rise in the next generation software supply chain attacks from 2015 through 2020.. This just came out in an awesome report from sonotype their 2021 state of the software supply chain report.

B

Normally we like it when graphs go up and to the right, but in this case up and to the right is scary, not not good, um we're seeing a whole bunch of attacks. Even you know every week that goes by, we see a bunch of new ones, particularly in open source, which is why companies are starting to get worried about this and why attackers are all getting very excited.

B

This one has a bunch of uh things on typo, squatting, malicious code, injection and tool tampering. Those are the three types of attacks that sauna type classified as next generation. Typo squatting uh is a kind of tricky scary. One we've seen it a bunch on pi, pi and npm, and even docker hub, where people will try to trick you into installing something with a typo in the name or some of those like unicode bi-directional characters.

B

So if you copy paste something, you might be getting a docker image or a package that is not actually the one that you think it's going to be a lot of times. These packages contain malware that tries to steal credentials from your home directory if you're running it on your laptop or install and run crypto coin miners in a production data center or even.

A

B

Laptop too, we see that a lot, so this stuff is pretty bad and pretty scary.

B

Some of the the weirder type of squatting ones aren't even actually typos but kind of more social engineering that we see a lot like if your company has a library published called like company hyphen, api client, or something like that, somebody might abbreviate your company name or leave it off completely or put it at the end. Instead of the beginning stuff, like that to really trick people and make it hard to know what the correct version is.

B

So a lot of these things uh together, kind of hard to deal with and there's a bunch of different types of them too, which makes some of this kind of overwhelming.

B

um I just said a lot of words there. um Do you want to jump in or ask me any questions or uh anything yeah.

A

I'm trying to get uh them all in my head, like all this stuff, uh but yeah from from the dangers that you are telling. You know the type of squatting, malicious code, injection and tool tampering and uh the the problems. I mean the occurrences of them, uh how they have like increased and they are increasing, um like anything. uh So people are targeting uh this so that actually needs the. You know. Explanation like we need something we need. Something to. You know tackle these issues.

B

Yeah and it's it's hard because there's no single issue and no single fix for all of it, um so that's kind of why uh it can be a little bit overwhelming. um I like this slide too. This is actually from a presentation I just gave last week at the linux foundation members summit. There should be recordings of the whole thing that we can link after, but I really like this slide too.

B

um This shows not just the you know, number of attacks, but the number of uh organizations that actually self-reported as being attacked, so majority of organizations actually get um were affected by a supply chain attack last year in 2020 64, and I'm guessing uh that some of that 36 was affected and just didn't notice it yet. um So this is probably a lower bound or a lower estimate. This is pretty scary, like how many other types of attacks hit a majority of software organizations in one year.

B

um This is kind of why it's uh such a big deal for everybody um at a broad level. I'm not sure if I have a great slide for this, um but I like to try to break down the problem into two different areas and this side kind of shows some of it. I guess there are two different. You know problems I like to say with open source software supply chain security.

B

One of them is kind of this whole typo squatting tampering malicious code injection one where you might not actually be running the code that you think you are, somebody might have tampered with it. Somebody might have tricked you into running a different version of the code or somebody might have stolen somebody's credentials on github or on npm, or something like that and tricked you into running malicious code.

B

um That's pretty bad! That's pretty scary! I like to call that a kind of supply chain integrity. You don't actually know what is in your supply chain and you can't apply controls against that. So attackers can kind of jump in and take advantage of you there.

B

The other half of the problem, the other uh big area which I think is kind of separate I mean requires being dealt with separately, is just even if you know what's in your supply chain, then you know what all of your dependencies are. Those dependencies might have bugs they weren't put there by an attacker on purpose.

B

um They were put there, you know by accident and they need to be fixed and patched over time as well, uh because a lot of bugs can also lead to vulnerabilities and, if you're, on an older version of something that you haven't updated recently and you haven't patched cvs, then you're also vulnerable, and so even if you know what you're using you know, you're not kind of isolated from that second area of risk here and even if you do update everything constantly, but you don't have the integrity piece, then somebody can also kind of inject malicious code.

B

So I have to think of those two things as kind of separate because they require different like different solutions and different ways to approach those problems.

B

um One of the big uh attacks that got a bunch of attention last week was the ua parser javascript library for parsing user agents. An npm was compromised and a malicious version was pushed because the maintainers credentials were stolen on npm, so that one affected like a huge percentage of downstream packages on npm because of how widely it was used and the amount of reuse that happens in that ecosystem um yeah. So anything there uh before I jump into six store.

A

Yeah, uh so that that is uh good, like you know how why supply chain security is important, I think by now everybody should have a fair amount of understanding, especially the malicious code is, is pretty uh pretty scary, so I think the maintainer should, you know, keep their credentials safe because uh you are the ones who will be pushing. You know something out there and the binary. If it's wrong, then uh nobody can help right. uh People trust you.

A

So so you have to be careful with with respect to that, or uh there are tools that dan will be talking about, which can help in verifying uh the digest or verifying some of this stuff that additional checks that can be done and before using the actual binary or before using the actual code that you, you know, want to fulfill your needs with respect to the project or architecture that that use.

B

A

So yeah, how? How can we, you know now uh supply chain security is important, and what is what is the ecosystem behind it like? uh What are what what are people building around it to to solve this.

B

Yeah, so there's a bunch of work happening here. Let me jump to this website. Quick, open, ssf.org, the open source security foundation is doing a bunch of work to help secure um open source and supply chains in general. um So this is a kind of sister foundation to the cncf. This is part of the linux foundation um and it's kind of triggered with addressing all open source supply chain risk beyond just cloud native, um and so there's a bunch of work happening here.

B

You can learn more at openssf.org or on github at github.com ossf that has a bunch of different repositories um and uh ways to get involved and help out. One of the uh projects, um I'm just going to point to here is pretty popular. Is the scorecard project so this project, um it's got a really cool goose logo, as you can see here, like everything else in the open ssf uh this project lets, you run a scorecard check and there's a lot of different websites that serve these scores too.

B

There's some links here to just check it out automatically, but you can run this tool on a github repository or on certain package managers and it'll kind of give you a scorecard report of your dependencies or even your own projects and, like kind of a whole bunch of best practices, that open source repositories should use like things like turning on two-factor authentication having multiple different maintainers with permissions, uh so that if one of them um goes, uh you know goes mia or something like that for a while.

B

Somebody else can still push code and improve patches all the way out to using static, analyzers and fuzzing and stuff like that. That are all just kind of best practices that you know you should do, but you might forget, unless you're regularly running one of these tools, there's even a bunch of stuff that you might not think of that. This tool can detect like properly setting permissions and scopes on your github actions. So if one of those is compromised, it can't you know, get right permissions and take over your entire repository.

B

So I'd highly encourage you to run this tool on any open source projects that you maintain or contribute to, as well as things that you're thinking of taking a dependency on it can be pretty insightful and help you catch some obvious mistakes early on, um in addition to that um is kind of the same store project. So let me jump back over here. This is the main one we're going to be talking about today at seekstore.dev or github.com sigstor.

B

This is designed to help address the integrity problem of knowing what code you're running and then, as a maintainer, giving your users a secure way to check that the code actually came from you and was authorized to be run by you.

B

So this means a bunch of tooling some really cool services that we operate as well to issue code, signing certificates for free and some transparency logs to kind of put all of this stuff on. So you can look it up later and make sure that somebody isn't trying to trick you or do some targeted attacks, or something like that.

B

So we can do some demos and everything here, but uh you can check this out at cigstore.dev or github.com and kind of see the um overview of the projects um yeah anything uh particular. We should start out with here just kind of jump into an overview of the different pieces and how they fit together.

A

Yeah, I think uh how how we can go through the different pieces and how it effective.

B

Sure um yeah, so let me find, I think, there's a pretty good slide in here um yeah. So the the basic problem here that sticker tries to address is being able to know where your code comes from. um I like to use uh an example here when talking about you know the overall problem.

B

um So sorry, if you've heard this a million times, uh the example is about, like uh you know, a usb flash drive, so let's say you're walking down the street and you find the usb flash drive on the sidewalk and I hope most people know you're not supposed to take that flash drive inside and plug that into your work computer to see.

B

What's on it, I hope most security organizations have scared people away from doing something like that, because real attacks happen that way there could be code on that flash drive, they could run and you know compromise your system.

B

You don't know anything about where it came from, um and uh the kind of funny part, though, is that with open source code, when you just run npm, install foo or pip, install bar or something like that and grab a random package, it's not actually that much different than taking that flash drive and plugging it in you're still taking code. You have no idea where it came from.

B

You have no idea who wrote it and you don't even really know what it does yet until you've downloaded it in a lot of these cases um and you're running it um on your laptop or worse, you might be running it um as root inside of some docker container. The thing gets deployed into your production environment. It gets way more permissions than it would have on your laptop.

B

um So when you kind of think of it that way, it's pretty scary and it's kind of lucky that we've gotten this far with reusing open source and these package managers before the attacks started happening.

B

So what we try to do with the start of stick store is kind of think about it backwards. So what if we could make it? So that you could find some random package laying on the ground on a sidewalk on some flash drive and actually trace that back to where it came from what? If we give maintainers tools to kind of sign and publish those signatures and keys somewhere securely, so that their users could look that up and trace all of the stuff back so that you could actually decide.

B

If you want to trust a random binary that you found laying around and so that's kind of how all the six door pieces fit together and hopefully make that possible in the future. Does that make sense.

A

B

Awesome um yeah, so, let's jump forward here. This slide is great. um On stick store and outside website is great. On sigstor.dev, um there are kind of three main parts here: um city store. There are some tools to sign things. You could sign anything you want. You can sign a tarball, you can sign a text file. You can sign a readme. You can sign an npm package. You can sign a container image.

B

Most of the work so far has gone into the cosine tool at six door. Slash cosine for signing containers, because oci registries turn us be pretty great for that and the tooling works really really well. So we can show some demos of that in a minute.

B

The cosine tool also integrates really well with the rest of the sig star pieces, which are the transparency log in for recoil or record for storing uh the certificates that you sign with, and the signatures themselves too.

B

um So if you can't find signatures for something or somebody forgot to give them to you, you can look them up based on the artifact that you have and see all of the people that have signed that artifact and then decide if you trust any of them um and then on the flip side, if you are operating a project that signs things, um one of the big risks that you have to worry about is losing those keys or somebody, stealing your private keys um and then having to rotate and deal with that later.

B

The signatures are only as good as the security of the keys, so the transparency log also gives people some pretty nice tooling to detect all the usages of their keys. And if you see something in there that you didn't expect- and you didn't mean to sign or something like that for your project, you know something bad happened, and you know the exact thing that got signed that shouldn't have, so you can quickly tell your users to stop trusting that thing, because your keys or your account got stolen. Somehow.

B

So you put all this together, there's some pretty easy ways to get free certificates and keys that you don't have to worry about kind of disposable, they're very short-lived, so you can delete them after. In fact, they never even get written to disk in most places and then look up signatures for stuff later.

B

So we can just kick the wheels with cosine if that makes sense and show how to use some of these things. Pieces.

A

Yep uh before that, there's one question from suman does store: uh incorporates any das dsasd tool in the process chain.

B

Does sig store incorporate any dist sast tool in the chain? Is that the question.

A

B

Yeah so um est and assist your you know: static, analyzers and dynamic analyzer tools, six store uses some of these right. Six store uses, um static, analyzers um codeql and you know golem and all that stuff and even some fuzzing for our own tools um but they're, not kind of part of the uh you know in the scope of what six door would offer to other people. You can kind of run those directly. um We have some nice uh formats actually um uh based on in toto.

B

You can show what some of that stuff looks like here, uh for um you know, maybe signing the results um you would get from one of these analyzers.

B

Something like this. If it makes any sense, um if you did run and sorry I'm scrolling, if you did run like a vulnerability scanner or a fuzzer or something like that, and you got some results back from one of those systems.

B

You can actually save those results in something like in in toto at a station file and have that system sign it. So you kind of have proof that you ran one of these, but we don't operate any of those services ourselves. Does that.

A

B

A

Yep, I think uh cool.

B

um Awesome yeah, so let's take a look at cosine itself, so the cosine repo is here: github.com sig store slash cosign. um This is kind of the easiest way to get started with a lot of the sig store, tooling. It's designed for signing container images, but it can sign a bunch of other things too. I'll show how that works. There's even some pretty cool tooling for storing other things. Like a you know, random, binary, executable or something like that inside of a container registry.

B

If you want to distribute stuff that way, there's some nice benefits of that so design four containers, but not exclusively for containers so, depending on what you want to do, this still might be the right tool for you. So take a look start with repo. If you want to contribute, there's a bunch of maintainers, it's a very active community. We try to be very welcoming, um but we can jump down to the getting started information here.

B

um The first thing uh that you might think of when starting with signing is key management, and you know normal kind of getting private keys, looking at them distributing public keys and all that stuff and there's dozens of ways to do that. I don't think anyone is correct or perfect, so instead we try to support all of them in cosine.

B

This little demo here shows the basic flow of generating a key pair, so you can download cosign, get a public private key with a single command, no flags, no algorithms, nothing like that to worry about and then start signing containers right away.

B

So we can go through this one quickly and I can show what these keys look like and stuff, and then we can build up to some of the more complex flows. All right can we see my terminal.

A

Yep, a little bit would be better.

B

Tell me when it's.

A

Okay is that good yep.

B

All right, so I've got the cosine tool here, we're going to generate a key pair, which I'll show the help, because there's a bunch of different options here too, um a little big. The basic flow, if you just run, generate key pair with no flags. Is you get a key on disk which is awesome? You can use that key to sign stuff and verify things, but uh cosine is also integrated with pretty much every uh kms or key management system.

B

You can find support the azure key vault, the aws kms, the google cloud, one hash accord, vault you can use yuba keys if you have one of those that supports it, um there's a bunch of different options here, there's even a really cool version um to work with the tactile stuff. Jason was showing yesterday where it generates the key directly into a kubernetes secret um right here. So it never even touches your disk here.

B

You just type this give it the name of the namespace and secret, and you end up with a kubernetes secret, all set up and ready to go, which is pretty cool and useful if you're, using like a tekton or some of the build packs, integrations that work inside of a cluster and stuff too same thing for github repositories or gitlab repositories. This can create the secrets right inside of those, I will do the basic one though get started and I'll show you what these keys look like.

B

We have one, let's get a new one cool. So now we have a public key and a private key right here in my directory I'll show the public one first.

B

So this is pretty basic. um This uses the elliptic curve signing algorithm or ec dsa. It's right there in the go standard library. So we design this to be as simple as possible and you can just kind of use it with go without needing any external dependencies. So these are pretty short. You can copy paste them around. This is the thing that you want to distribute to your users, so they can verify your signatures um now I'll show the private key too.

B

Normally you don't really want to do this, but it's okay for here, because you'll see that the key is actually encrypted.

B

This is encrypted with a password I had it set as an environment variable, so I didn't need to type it in here, but this key is, you know, safe to show without that password. You can't really use this to sign things um so yeah this is uh encrypted. um This is the thing that we actually use to sign.

B

um This is safe to check in because again it's encrypted, it's kind of like checking in a you, know, github secret, um or something like that that you decrypt um with something stored in github, and there are even some pretty cool flows in case you do submit one um I can show on how to kind of do keep rotation and discovery and that kind of stuff.

B

So I minimized that alright. So, let's start signing something, cosign supports pretty much any container registry out there, anything that is basically oci compliant, because I should be able to sign with, let's start with an image that I have pushed somewhere already, which is pretty cool.

B

This is a random copy of a distrolus image that I moved over to a bucket that I have auth setup for already. So we're going to sign this with the private key and we should get a signature.

B

Of course, we're supposed to use dash dash key now awesome. So now it's signed um and we have a signature up there. Next to that image, um I couldn't kind of show what that looks like and how it's stored in the registry as well, if you're familiar with the crane tool, it's really good for copying images around looking at um manifests and that kind of thing, if you want to dive into the oci spec, so I'll show what that looks like quickly here. There's a tool called uh sign. Triangulate.

B

We like our puns, to show exactly uh the name of the image that the signature is stored, paste this, and this will tell us how to find the signature.

B

So this is uh the naming convention that we use to store signatures for an image. We resolve this image to its digest, turn that back into a name and then put this little suffix at the end. So that's how you can discover signatures for any image across all the different oci repositories.

B

So let's look at that image now you can see what this looks like with that djq to make it pretty it'll, probably be a little long um yeah. So this is a standard oci image manifest. That's what this uh session tells us here in order to make this work and be backwards compatible with all the different oci registries. um We make it look like an image because that's supported by everything. um Instead of being an image, though, that you can run um each layer here, stores signatures.

B

um So that's what this tells everything right here. You should be able to docker pull this thing, but you can't dock or run it right, because these aren't tar balls, they contain layers, they would get unpacked into your file system each one of these is a signature. I actually signed this twice once yesterday. I didn't clean up before this, so we have two different signatures in here um and we should be able to verify with the key.

B

um Since I created a new key, we should see only one uh signature that passes verification, since I just created that key. We haven't used it before, so one of these will be invalid and the other one will be valid. Let me do our verification, so let's type that in here this time, instead of the secret key, we do the public key and then the same image name as before. Let me find it cool.

B

So uh this uh signature was verified and we can see the hello that was signed right here awesome. So we can tell that uh this was actually signed by that correct key. So if you distributed that key to people, they would know that that image actually came from you because you signed it.

B

If we had a different key that would fail. We'd exit with one and you'd know that something happened. The person forgot to sign the image or something got tampered with um any questions there. I can show some other examples showing how to put this to work inside of a release pipeline.

A

Yeah, I think the basic flow is clear, like you generate a key pair and there are a bunch of options where you can have that uh key pair, and then you sign that image and people can verify that uh using the public image that it's is it signed by you or you know, is it is it tempered? So I think that the flow is pretty neat. uh How can we kind of extend uh this to a proper use case? So that's that would be. You know.

A

uh That would be something that people would be interested in like how we can actually use that in in the running application or in production, and things like that.

B

Yeah great questions, um so you want to start with kind of integrating this into a build system. Typically, um jason showed some stuff on tekton yesterday and in tecton we actually tried to make that automatic, so technical detect images you build and assign them automatically, which is pretty cool, but we can work up to that one and show some kind of simpler flows.

B

I mentioned that you can check these keys right into a registry um and it's safe to do that. I've got or right into a repository. I've got one here in github.com d lawrence sign container. This is a little kind of hello world example showing the simplest possible flow that makes sense for signing a container. If you have something built from one github repository in github actions and published like ghcr.io, then this one works pretty well the id here is you just check them both in we've got the key.

B

We've got, um I'm sure we have the private key here. We have the public key this one's encrypted, so you have to worry about it and then the secret to decrypt. That key is stored in a secret inside of github actions, and this is basically what gets set up. If you do the generate keypair github version that we just added, um and so this builds images in github actions. I think we played around with some new features. That's why they're all those failing ones, but the signature should all be published here, um the action itself.

B

Let me try to find that code. This is set up to publish a new image based on every ci build. So after every um something gets built um after something gets pushed to uh the main branch. We do a build and sign that. Then we also assign things a little bit differently for releases, so this is pretty much the simplest way to do it. We have a um we log into ghcr.io here using one secret, and then we take the other secret, which is the password to decrypt the key and run cosine sign with that.

B

So this is another little uh feature that helps you build up. The actual workflows you were just asking about, which is the dash, a or kind of an annotation flag to cosine, sign and verify this lets. You add kind of arbitrary key value pairs into that signature, so these things are actually uh signed as well. So here we add git sha equals the you know commit so in addition to signing the container we're signing a little key value pair explaining what commit this was built at by github actions.

B

So, instead of just knowing that this came from this repo, we can tell the exact commit that it was built at which is a little bit more powerful.

B

The other cool thing here is that this also can help users figure out the right public key to verify against, because the git commit is in here and the key is also stored in the repository. If you want to change or rotate these keys. For some reason, you can do that just by switching them out in the repository and then you get a new commit and everything will be signed with that new.

B

um The key for that new commit, so that's a pretty easy way to set up a basic flow inside of github with keys and handle rotation and distribution and all that fun stuff. This is basically the most basic flow for releasing an actual production image.

B

um Any questions there should. I show some of the cooler fancy stuff with the transparency log.

A

Yeah um uh before that, uh so you said like we can easily, you know, there's no harm in storing the private key as well, uh because that's that's not a problem because there's a secret which is there to decrypt uh this particular uh key. So there's no harm in uh in storing that. So I think um that that's also a point uh because github actions can use that uh to sign that image, because that is the reason.

A

So you have it over there so that github action from every comment it can build and it can sign the image and you know have that digest also signed using the dash a I believe there was. It was a flag over there, so I think that's pretty cool, so that's the one basic flow that uh people can use in there. You know uh in the tops world that uh uh integrating with github actions so uh and next people want is the fancy stuff.

B

Yeah cool um time for some fancy stuff, so some of this is still experimental, um so we're gonna have to set a flag here, called cosine experimental equals true or 1, or something like that: 2 1., all right cool. So now this flag is turned on. We have access to all the experimental features like the transparency log and our certificate authority.

B

So I showed in this example that it's actually not too hard to work with keys, but you still have the keys laying around. If you lose the keys, you have to go, tell everybody about it! You have to tell everybody to stop trusting the old one, all that terrible stuff we've seen that uh managing keys is always pretty hard to do correctly for developers. Anybody that's lost access to an account because of two-factor auth, or something like that knows exactly what I'm talking about here. So in cosine.

B

We also support this awesome mode based on the certificate authority we run and our transparency logs called keyless signatures. Let me find the documentation explaining how this works so what's easier than simple keys. Well, no keys! um So if we turn that mode on um and now sign the image again, one more time make sure let me clean up those signatures first, just to make it easier to see what happened. We can do that with crane.

B

Let's get the triangulate we're going to delete all those signatures. First, take this and we'll just delete it with crane.

B

So those things should be cleaned up. It won't verify anymore now we're starting fresh um and we're going to sign with no keys at all right now, with the experimental mode turned on. This should just work, explain how it uh works in a second, but there's no keys anymore, nothing on the command line, telling you what keys to use instead cool um some stuff got printed to the terminal really quickly, and then my browser popped open with some login screens. So we'll go back and I'll explain what's happening here.

B

So, if you're familiar with something like, let's encrypt, um to manage certificates, um which you might be if you're using kubernetes, um it works in a very similar way um with when you're setting up let's encrypt and getting a certificate from them, uh your web server um or ingress controller or whatever you're using in your cluster first generates a random key pair right in memory. So this works just like before, except instead of writing it to disk they stay in memory, the entire time you can see that happens here, generating ephemeral, keys line.

B

Then what you do is you take that public key and you want to send it up to the certificate authority to get that turned into a certificate for you. So that's what happens here with let's encrypt this happens using the acme protocol. Ac me, you can look that up, but it's a way to tell let's encrypt, you want a certificate with this specific public key for this domain um and then, let's encrypt or whatever other acme enabled ca you're using um it does a little challenge before it gives you that certificate.

B

It has to prove that you own that domain and you actually have control of it. So there's a bunch of different challenge types, but they typically consist of something like adding a random string to a dns text record at that domain or adding some fields to a header that would be served by like a robot that hits a url or that kind of thing. So the idea is, if they give you some random string, and you can make it appear at that domain, then that's proof that you own it with six store.

B

We do basically the same thing except we're. Gonna sign this: instead of for a domain we're going to assign this based on your email address, because that's kind of the lowest common denominator, best form of identity available to developers in open source, you sign your git commits with email addresses. That's how you log into github. um That's how you work in projects.

B

um Your reputation is kind of based on your uh email account and how you sign commits over time. So that's what we do here as well: let's encrypt had to make up a whole new. uh Oh sorry, I waited too long I'll restart this. um Let's encrypt had to make up a whole new protocol called acme for their challenge, because this didn't exist before, but for people and for email addresses. um There is a pretty well known format here, and a challenge system already called open id connect.

B

This is how you log into other services, using your gmail account your github, login and stuff. Like that, that's what happens here. We generated a key pair and we're asking the sig store service to give us a certificate.

B

It binds that key pair to your email address, and so we just have to prove. We control that email address and we do that by clicking this button, so I logged in here with google. We can close this window now and we got a certificate for my email address.

B

At the same time, if you've heard stuff like certificate transparency, that's how you can protect against somebody issuing search for the wrong domain. We do the same thing for email addresses here and we log all this into transparency logs to make sure it's secure and that people aren't pretending to be you. So all that happened quickly. We never touched a key. Nothing ever got written to disk and we signed this image with our email address.

B

I'll show what verification looks like too, because that can happen. That's where we'll see the email address actually come in and we can get down into some more pieces to explain how it works so before we're going to do verify, but with no key at all.

B

This is gonna find all of the there's a lot there, because it's so big.

B

um Yeah, so uh this uh has all the information now in the signature there's a little bit more now uh because we're using certificates, but at the very bottom we can see that this was signed with this email address and that the login system that vouched for me owning that email address was accounts.google.com.

B

So as of the time this happened kind of here, um yeah google said that I controlled that email address correctly, and so you have multiple people sign this with multiple different email addresses and you can decide who to trust that way.

B

So, if you're sick of managing keys, um you lost your pgp key years ago and don't want to make a new one. um This is kind of the system to use to make it even easier any questions there. I just spoke for a long time again.

A

Yeah, I think uh people have been like praising about this, so I think this is. This is pretty interesting feature uh and you explained actually the list, let's encrypt working as well. uh So uh it's basically, let's cosign.

B

A

As per car loss, uh so you are, you are just getting the certificate and you are using the kind of email authority over there uh and pairing up the ephemeral keys with that certificate and then getting uh getting it signed. uh And when you verify you can see the issuer and the subject, and you know home trust. So I think that's that's pretty interesting. There are a couple of questions uh which might be related to the previous one. uh So does cosine uses uh gcr only or it supports aws other cloud cloud registry as well.

A

I think it does because you did a cosine, uh keep generate key pair dash dash help so that that had uh these bunch of options.

B

Yeah, so let's find the full list, um so there's a couple different things um there. Let me show. So this is the entire list of all of the registries that cosine has been tested and works against, um so aws ecr, gcr, docker hub azure acr. You know this huge list, the only one we know that it doesn't work with so far is actually quay.io.

B

It works in the open source version of quay which you can find on github, but the fix that they needed to make it work hasn't been deployed to the hosted or managed version of clay running quay.io, yet um so yeah. This is probably you know fewer registries than it actually works on. These are just the only ones I found um to test it against. I think we're probably missing a few um here, but it should work basically with any registry. um The other aspect which I guess you're getting is the kms system one.

B

um So if you do want to use keys but don't want to put them on disk um pretty much. Every cloud provider offers a set of key management apis where you generate the keys in their kms system, and you can sign and verify stuff with that. So so far this works with azure aws, gcp and hashtag vault.

B

So if you don't want the keys to be on disk- and you want to use one of these systems, um then it works with all of those so far as well, so you can use like the azure kms with you know: ghcr.io they're kind of decoupled. If that makes sense.

B

So there's two different uh feature sets there to go through what other questions do you have.

A

uh Yup, that's that's, I think pretty much. It uh restores the conversation uh what people are doing so, which is good awesome.

B

Yeah, so the keyless flow is awesome and it's really great for people. um One of the other cool features, though, which we just did a couple of blog posts on, is that you can also use that keyless flow now with automated systems like tecton chains or even github actions, um because uh that open id connect protocol that you typically think of is for people when you click.

B

That button also works with automated systems too, um and uh there are a bunch of different examples of this, um but uh it works pretty well with um if you're, using gke or google kubernetes engine um there's a feature called workload identity um where each pod can get access to. You know just um a uh an identity token, it's called that's the same thing that you send up to six star to get a certificate.

B

uh You can get one of those uh for a workload running in kubernetes um using workload, identity aws has a version of it that works too. With uh workload identity, federation, um everybody speaks that same protocol and instead of getting a certificate for a person, you would get a certificate issued to kind of that exact workload.

B

I've got a it's a little bit harder to demo this perfectly, but I've got um a gist here that I save with some of these outputs um that are used to build and sign uh the a couple different container images here. Let me find the one I'm thinking of.

B

uh Actually I remember the repo I can show how this is set up. This is a basic um image that I have here. Another example of that builds a hello world, go application and uses co inside of github to sign it.

B

So this is a pretty new feature, github added, where they make identity tokens available to your workflows. You need this line in order to get one the id token. It's since been documented. They announced this a couple weeks ago at um github universe.

B

um They give this to you and then your github actions can authenticate as that action, and so again we can sign now without keys. You don't need keys in here at all, and this gets signed with a kind of string that says which repo it was in, exactly which github workflow and even which commit that it ran at, um and so this uh and this is all handled by github. So let me find I guess we can just try this. I don't know if I deleted the signatures since I ran this.

B

Let's just do cosign verify and see what happens.

B

Awesome so we get a bunch of stuff, let's pipe that to g.

B

um So if you're a person you can sign with your email address, if you're an automated system um running in any environment that supports open id, connect, tokens or id tokens, you can do that as well. So here, instead of the email address, we get this url showing exactly where this was built at with the commit- and this is all signed and verified by github in this case, so you can see the repo it came from no keys had to be managed or anything the exact file that ran build.aml.

B

This ran on the main branch at this commit, so this is just all automatic. um There's really no excuse to not do this type of thing inside of github actions. Now any questions about some of that stuff. There's a lot there.

A

No, I think, that's again a very good use case for github actions uh signing without the keys and using the uh you know, uh sha, and um so I think that's that's also one of the use cases that people can use for that's pretty interesting.

B

Yeah, we try to you, know, find out the actual hard parts about signing. um It turns out the signing itself isn't the hard part. The hard part is really the key management and distribution, I'm trying to make that as easy as possible here. So it's awesome that everybody supports these same protocols, because you can do this across different systems.

B

The example I had here and we can run through some of this stuff- is kind of putting some together some of these systems. Let me see if I have a slide on it. I think it was from this demo here, no um down a bit here, we go um yeah. So this is a rough diagram on the demo I put together showing kind of that concept.

B

I talked about before of uh finding some binary on the ground and then tracing it back all the way to where it came from, I'm going to run through some of the commands to show what it looks like, but this was two different repositories: two different github organizations, building container images um so that hello, co, one is the second one in the chain. um You know that comes here in my application image, the from line in that um the base image that gets used by that image is actually uh distro-less.

B

So this the distrolus images are built here um on github. These are built using uh google cloud, build and techton. Actually so they're built twice they're built reproducibly, so you can build it multiple times with different systems and you get the same digest, which is a pretty cool feature, and so these actually get built by two different systems and signed by both of those systems using cosine and the full build history is also logged and signed again by both of those systems.

B

So what we can actually do here at the full demo, that's just showing is start with the application image find the signature and the commit that that was built at which I just showed from this demo. So we can go to that repo.

B

You can see that that is a commit yep. That's the most recent commit it's the same thing here, so we know that the final image the hello code was built from here and then what we can do is look up the base image and go back and find all the commits that went into the base image too, because those can also affect your supply chain, um and so the way we do that is by looking at the image itself hold it here.

B

Let's do crane manifest awesome, so we can see this image. It's got a bunch of layers. This is basic, go code. It prints out hello world when you run it, but what we can see here at the bottom is this extra annotation, um which just got approved by the open containers initiative to specify the base image for something. So this is in the manifest and we can see it.

B

This was built from this specific distrolus image at this digest and now, if we want to know what's in that and where that came from, we can do that same kind of verification and look that up. So let me find it from the head saved.

B

You can see that here we get the base image and now we can actually look up how that base image was built using just the sha, so this is going to show us on the transparency log features. This is the shot 256 as the base image, and if we take that and look it up, we're going to see a bunch of builds here.

B

This is built reproducibly. I said so. It's had a bunch of different builds um that got the same digest.

B

So, let's just take one of these copy, this command, so I don't have to retype the whole thing and make it pretty and we're going to see exactly how that image was built and start walking back the chain on that uh usb thumb drive example that I talked about before. So we see a bunch of json here right and this comes from tecton the tecton chain, stuff jason was showing yesterday tekton in addition to signing the image itself, also signs this big payload explaining exactly what happened, how it built that image, what went into it?

B

What came out um and this all these images get built together, so they're all packaged in here at once. We can see all the images that got built in the same run.

B

We can see the repo that it came from the there's that we can see the repo that it came from the exact commit that it was built from as well. So if we go to distrolus you can see where did that tab go here, we go. Let's pull commits.

B

Change that here's the document um september 17th that that image was built from on the distrolus based image, which is pretty cool. uh We can see the steps that ran as well um the exact comm, the exact containers that were on this golang one um and how all of this was generated. So we can mock all this back all the way to the commits, which is pretty powerful.

B

We went back from two different build systems, github actions over to a different, get a repo with techton, and because everybody speaks those same protocols, we can verify it all the way back.

B

So that's kind of the power of all of these things when you put them together.

A

Yep, uh I think that's that makes much more sense. You know how how it is getting used. uh You know in in kind of a scenario which actually people would use, uh so that makes a lot of sense and crane crane is is a good. uh You know is looking good with all its features. People actually want to know more yeah. Also. What about uh the record cli as uh that that you introduced like what quantity.

B

Yeah so um cosine, if you're, just using cosine for signing and verifying it kind of packages, all that stuff up for you all the interactions with the transparency log, so it puts signatures in there and certificates and then fetches them for you during verification.

B

Now what I was doing, there was I'm kind of just dropping down to the recourse cli. Let me go back to the sig store page, um which is for interacting with the transparency log directly. You can see the recoil repo here if you're using cosine. You normally don't have to worry about this because it's automatic. But if you want to play around or put your own signatures into this log or look stuff up yourself, then the recourse cli is the way to do it.

B

So that's what I did here. I did a recourse, cli search or yeah. I did a search and then I get to fetch a specific entry. So with the search this command basically says tell me everything. That's in the transparency log about this specific artifact. You can pass in a file if you've got one a binary or a github commit id, or something like that and it'll. Just tell you everything, that's in the log about that commit, and you can look through those and see if there's anything in there that you like or don't like.

B

You can also search for your email address and see all the signatures that you've created with your email address and use that for auditing yourself. So yeah, that's the kind of power cli for interacting with the transparency log. You can do stuff like audit the log and see how many entries there are.

B

So we have 800 and thirty nine thousand one hundred and forty six entries- um and this shows some of the cool merkle tree hash stuff, which uh kind of you could talk for several hours about how transparency logs work um too much for this session. But every time you run this, you actually do a proof and make sure that the log hasn't been tampered with as automatically that's this line here, um showing that the log is healthy and we haven't tampered with it at all.

A

Cool uh and carlos is waiting for the record ui.

B

A

You can click on that and uh how that should work. Jason.

B

Hall um yesterday actually added this awesome, javascript ui here to the record.64.ui, this amazing html ui that fetches that same um number of entries for us dynamically. So this refreshes constantly. If we do another signature here, we should see it go up.

B

We'll do one of these keyless signatures, quick and now, if I.

B

Well, so there's a 7: now we added one and if we go back to that page, I bet it'll refresh. I think he said it's every 10 seconds there we go yeah. It changed.

B

Jason, nice job on your awesome, ui, jason.

B

um Cool yeah any other questions here. I think that.

A

Yeah uh one basic one: uh what does uh digest revision means.

B

What does digest revision mean? I'm not quite sure where that one comes from. um Revision probably refers to the git, commit um that something was built at or they get tagged or something like that um digest is like the typically with containers. It's the sha256 colon thing. That's used to address the container image if the container image changes you'd get a different digest, I'm not sure if that answers. The question, though,.

A

Awesome, uh so I think we did. We discussed uh a bunch of stuff uh today, uh starting from you know um the. Why and the watts of surprising security why it is important there have been attacks. I mean it's a proven study that shows the graph is increasing over the time with respect to the attacks that are coming in and uh it's it's pretty interesting uh to see those and the landscape growing. More and more, uh you shared the foundation, uh so that has a lot of projects which are there, and people can get involved.

A

So it's kind of foundation just like cncf. uh There is one for the you know or the supply chain security which, with bunch of projects that you can get involved with and with a purpose so and today we also talked uh mainly talked about six store. What it does. What main purpose is uh you know the uh signing verifying monitor and then you have your cosign, uh the main project which is there uh so how to use cosign.

A

The first I mean we did a lot of demos, so the basic one: how to sign that uh then using the uh github uh in the github actions? How to do that? uh You know using uh you, can have your public private key over there and then you can have your uh you know decrypt uh as a insider's github secret, and then you can.

A

You know, use that to sign that every time and then uh more, uh you know complex workflows uh and then the experimental feature, which is good you know, uh keyless signing, is, is kind of important because I mean people do not want to rotate the keys manage the keys. uh So if you can just sign them via the email, uh you know just like getting the certificate ccd while it since, let's encrypt so you can do kind of in a similar manner.

A

uh It tries to co-scientize them to the email, uh email portion of that and you you get those images signed as well and you can easily verify. So I think uh uh it's it's pretty interesting and and obviously the last flow, where you can actually see a kind of a uh use case actually being used in the applications.

A

uh So I think yeah people are using, uh you know finding out more and more use cases. So uh dan, is there a place like you know, uh use cases where people are adding adding over there and people can see. You know how people are using, how other people are using one of the best practices and things like that.

B

Oh man, that's a great idea, um I think, uh probably the best place where people have been sharing that so far is in the sig store slack. You should go ahead and join that at uh you can find the link at github.comcommunity people have been asking questions and coming up with good recommendations on best practices.

B

For all of this there we also have the github.com friends repository which we copied from the tecton project, but if you or your company is using any of this stuff, we'd love for you to go, send a pull request to that repository telling us about it.

A

Yeah awesome, I think that's that would be nice, um so we can have a place where people can actually put their use cases how they are using it so that other people can also adopt uh okay. This is also one use case that you know people can use cosign for, and these are some of the practices that they are following, and I think that can be a build and learning activity for everyone who is new or everyone who is experienced, and you know kind of using it in different ways. That would be pretty interesting.

A

Yeah make sure you join the uh slack channel uh so so that you know you can uh you do not miss out on any of the fun that is happening in the community? You know how people are using, because slack is of the place for uh for the activity which is going over there and yeah people, people and you can see all the positive comments which are there. uh So uh you know uh thank you so much dan for tuning in and explaining uh the the supply chain. Security.

A

The right way, cosign the right way, multiple demos, starting from very basic to the advanced use case. uh I I think I learned a lot uh pretty much, uh so I am hoping that people watching and who will be watching later, uh must have learned uh something new uh today, uh so that that's pretty uh amazing stream, as expected from you right. Thank you.

B

Yeah, thank you so much for having me on today and yeah feel free to reach out on twitter or slack. If you have any questions about this stuff.

A

Awesome uh so the last thing that that we do uh before going uh so there are like 19 responses. um Can you pick a five numbers so that you know we can announce the winners for the stream uh just five random numbers, yeah, five random numbers, one by one, so that I.

B

Can put between the chat sure between 1 and 19? Is that.

A

B

Yep all right, let's do um 17.

A

17, uh so this one, my aunt four chad, four and someone.

B

Fifteen, I'm just thinking of fun ones,.

A

A

Nine is nine.

B

And nine is.

A

B

Two is the final one.

A

And two two: is uh you raj? I awesome awesome, so congratulations to all the winners. uh You will. I don't know we might contact you via the email uh or the cd foundation or myself so we'll see who will be contacting you later on. So thank you so much for tuning in uh this was day two of ci cd uh days and uh it's it's been. You know really great uh to have you uh all and thanks to dan, for tuning in and explaining about co-science, six store supplies and security, awesome demos.

A

uh So thank you all uh for tuning in and see you tomorrow, uh we'll be learning about argo cd uh again another interesting project and make sure you subscribe to the channel and send you know, send the playlist and the links uh to your friends as well. So thank you so much for the session see you tomorrow. Thank you so much dan for tuning in have a nice day bye. All.