slsa-framework / slsa-github-generator

Language-agnostic SLSA provenance generation for Github Actions
Apache License 2.0

[feature][byob] Allow TRW to omit / mask certain fields from attestations #1575

Open laurentsimon opened 1 year ago

laurentsimon commented 1 year ago

Fields like usernames should be omitted from the provenance. We can't have them be secrets because it would cause the GitHub masking engine to detect secrets when there is a match with a sha we use for uploading / downloading artifacts.

laurentsimon commented 1 year ago

I propose to have a new input to the SRW that takes a "list", maybe mask-inputs: name1, name2, name3?

Wdut?

/cc @asraa @ianlewis

ianlewis commented 1 year ago

> I propose to have a new input to the SRW that takes a "list", maybe mask-inputs: name1, name2, name3?
>
> Wdut?
>
> /cc @asraa @ianlewis

We'll have to instruct TRW authors to use it but yeah, that's probably fine.

laurentsimon commented 1 year ago

I'll start adding this feature then.

asraa commented 1 year ago

Are these fields in the GitHub context? I worry that we won't have uniform conformance of the produced provenance, which is fine because it's TRW controlled.

But are you thinking our implementation of the npm one will mask-inputs, rather than us masking usernames by default?

asraa commented 1 year ago

It's a cool solution, just wondering.

Because we can publish the github context and say these fields exist, mask anything you don't like.

(Curious about the variable event payload as well, but as long as we can document the provenance content it's OK)

laurentsimon commented 1 year ago

So there are 2 aspects:

  1. sensitive data in GH context that will be masked by default, as agreed on with GH team. This issue does not change that
  2. sensitive data that are builder-specific, e.g. a container builder requires a username to log in to a registry. Users won't want to expose this. The TRW authors can mark these fields as sensitive so they will be ignored in the provenance - either we omit them entirely, or we mask them a-la-GitHub `***`:

```yaml
inputs:
  username:
...
uses: slsa-framework/delegator.yml
with:
  slsa-inputs: ${{ toJson(inputs) }}
  slsa-mask-inputs: username, <something-else>
```

Let me know if that makes sense or not.

Sorry, I was not clear in the original description.
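The redaction step the proposal above describes, written out as an added illustration (not code from the slsa-github-generator project): the TRW hands over its inputs as JSON plus a comma-separated `slsa-mask-inputs` list, and the generator either drops those fields or replaces their values with `***` before anything reaches the provenance. The function names, the `MaskMode` type and the sample inputs are assumptions made for this example.

```typescript
// Added example, not project code. Names below (parseMaskList, redactInputs,
// MaskMode) are assumptions; the project may implement this differently.

type MaskMode = "omit" | "mask";
const MASK_VALUE = "***"; // same marker GitHub uses when masking secrets

// Parse the comma-separated `slsa-mask-inputs` value ("username, <other>")
// into a set of input names, ignoring surrounding whitespace and empties.
function parseMaskList(raw: string): Set<string> {
  return new Set(
    raw
      .split(",")
      .map((s) => s.trim())
      .filter((s) => s.length > 0),
  );
}

// Return a copy of `inputs` with every listed field omitted or masked.
// A listed name that is not an actual input is an error: a typo in the
// mask list must not silently leave the real field in the attestation.
function redactInputs(
  inputs: Record<string, unknown>,
  maskList: Set<string>,
  mode: MaskMode,
): Record<string, unknown> {
  for (const name of maskList) {
    if (!Object.prototype.hasOwnProperty.call(inputs, name)) {
      throw new Error(`slsa-mask-inputs names unknown input "${name}"`);
    }
  }
  const out: Record<string, unknown> = {};
  for (const [key, value] of Object.entries(inputs)) {
    if (!maskList.has(key)) {
      out[key] = value; // not sensitive: recorded as-is
    } else if (mode === "mask") {
      out[key] = MASK_VALUE; // field stays visible, value is hidden
    }
    // mode === "omit": the field is dropped from the provenance entirely
  }
  return out;
}

// Constructed sample mirroring the container-builder case in the thread
// (what `${{ toJson(inputs) }}` would deliver to the delegator).
const sampleInputs = JSON.parse(
  '{"username":"ci-bot","registry":"ghcr.io","image":"app:1.2.3"}',
) as Record<string, unknown>;
const redacted = redactInputs(sampleInputs, parseMaskList("username"), "mask");
```

With `"mask"` the `username` field survives as `***`; with `"omit"` it disappears from the JSON altogether, which is the variant that keeps the plaintext out of anything later uploaded to Rekor.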

laurentsimon commented 1 year ago

See comment https://github.com/slsa-framework/slsa-github-generator/issues/1410#issuecomment-1431615223

We need a way to omit the plaintext "masked" inputs from the token, so that they are not recorded by Rekor. I think there's a way to do that.

github-actions[bot] commented 1 month ago

This issue was reopened by the todo-issue-reopener action in the "TODO Issue Reopener" GitHub Actions workflow because there are TODOs referencing this issue:

  1. .github/actions/create-container_based-predicate/src/github.ts:74: Redact sensitive information.