
Provenance incorrect when creating multiple images in one workflow. #97

Open

JeroenKnoops opened this issue Jan 26, 2022 · 1 comment

Labels: bug (Something isn't working)

JeroenKnoops (Member) commented Jan 26, 2022

Problem

When creating multiple (different) images in one workflow, all predicates are the same except for the BuildFinishedOn field.

Basically the Provenance states: We ran workflow w and it produced image x with digest y on timestamp z. There is no information on which step and what arguments are used.

Reproduce

This can be reproduced by adding two steps with the docker-ci-scripts action or to create a matrix.

When using a matrix, the provenance is not showing the values of the matrix, so you cannot know how to rebuild it.

Example

Example workflow

https://github.com/philips-software/docker-blackduck/blob/provenance/.github/workflows/build_docker.yml#L17

on: [push]

name: build

env:
  DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  DOCKER_PASSWORD: '${{ secrets.DOCKER_PASSWORD }}'
  DOCKER_ORGANIZATION: philipssoftware
  GITHUB_ORGANIZATION: philips-software
  COSIGN_PRIVATE_KEY: '${{ secrets.COSIGN_PRIVATE_KEY }}'
  COSIGN_PASSWORD: '${{ secrets.COSIGN_PASSWORD }}'
  COSIGN_PUBLIC_KEY: '${{ secrets.COSIGN_PUBLIC_KEY  }}'

jobs:
  build_blackduck:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - name: Build BlackDuck Docker Images with java
            dockerfile: 7/java
            tags: latest 7 7.10 7.10.0
          - name: Build BlackDuck Docker Images with node
            dockerfile: 7/node
            tags: node 7-node 7.10-node 7.10.0-node
          - ...
    steps:
      - uses: actions/[email protected]
      - name: ${{ matrix.name }}
        uses: philips-software/docker-ci-scripts@main
        with:
          dockerfile: ${{ matrix.dockerfile }}
          image-name: blackduck
          tags: ${{ matrix.tags }}
          push-branches: main provenance
          slsa-provenance: true
          sign: true

Provenances

This is the provenance for the philipssoftware/blackduck:7.10.0 image.

repodigest=$(docker inspect philipssoftware/blackduck:7.10.0 | jq -r .[0].RepoDigests[0])
cosign verify-attestation --key cosign.pub $repodigest | jq -r '.payload' | base64 -d | jq .
{
  "_type": "https://in-toto.io/Statement/v0.1",
  "predicateType": "https://slsa.dev/provenance/v0.2",
  "subject": [
    {
      "name": "index.docker.io/philipssoftware/blackduck",
      "digest": {
        "sha256": "e4b7db02469ea627818cfd8bcd0cff1c377e64189ef670184e56d0685096374f"
      }
    }
  ],
  "predicate": {
    "builder": {
      "id": "https://github.com/philips-software/docker-blackduck/Attestations/GitHubHostedActions@v1"
    },
    "buildType": "https://github.com/Attestations/GitHubActionsWorkflow@v1",
    "invocation": {
      "configSource": {
        "uri": "git+https://github.com/philips-software/docker-blackduck",
        "digest": {
          "sha1": "64a263c8bb206b256e0507f1998d81e7f647f8fc"
        },
        "entryPoint": "build"
      }
    },
    "metadata": {
      "buildInvocationID": "https://github.com/philips-software/docker-blackduck/actions/runs/1752676715",
      "buildFinishedOn": "2022-01-26T19:39:00Z",
      "completeness": {
        "parameters": true,
        "environment": false,
        "materials": false
      },
      "reproducible": false
    },
    "materials": [
      {
        "uri": "git+https://github.com/philips-software/docker-blackduck",
        "digest": {
          "sha1": "64a263c8bb206b256e0507f1998d81e7f647f8fc"
        }
      }
    ]
  }
}

Problem

When we look at the predicate for image: 7.10.0-node, this part is the same (except for the BuildFinishedOn part, which makes sense). Now we cannot see how this image was built and what parameters were used.

entrypoint is the same for all predicates. This is correct, because .
Maybe the parameters, environment or materials in completeness should be filled with the name of the github action and arguments.
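An added consumer-side check, not code from this issue, from docker-ci-scripts or from slsa-provenance-action: the script below takes the decoded statement printed above (embedded as a constructed Python dict; the second "-node" image, its digest and its finish time are hypothetical) and reports two things a verifier would want to know before trusting the provenance of one image out of several: whether the predicate claims `completeness.parameters: true` while carrying no `invocation.parameters` at all, and which subject digests share a predicate that differs only by timestamps, i.e. which images cannot be told apart from their provenance. The `parameters` content used for the "fixed" variants (dockerfile and tags from the matrix) is an assumption about what a corrected attestation might record, not something the action emits.

```python
"""Check SLSA v0.2 provenance statements for the defect described in this
issue: several images from one workflow run whose predicates are identical
apart from buildFinishedOn, so the build parameters cannot be recovered.

Added example; not part of the issue or of docker-ci-scripts.
"""
import copy
import json

INTOTO_STATEMENT_V01 = "https://in-toto.io/Statement/v0.1"
SLSA_PROVENANCE_V02 = "https://slsa.dev/provenance/v0.2"

# Constructed from the provenance for philipssoftware/blackduck:7.10.0 shown above.
BASE_STATEMENT = {
    "_type": INTOTO_STATEMENT_V01,
    "predicateType": SLSA_PROVENANCE_V02,
    "subject": [{
        "name": "index.docker.io/philipssoftware/blackduck",
        "digest": {"sha256": "e4b7db02469ea627818cfd8bcd0cff1c377e64189ef670184e56d0685096374f"},
    }],
    "predicate": {
        "builder": {"id": "https://github.com/philips-software/docker-blackduck/Attestations/GitHubHostedActions@v1"},
        "buildType": "https://github.com/Attestations/GitHubActionsWorkflow@v1",
        "invocation": {
            "configSource": {
                "uri": "git+https://github.com/philips-software/docker-blackduck",
                "digest": {"sha1": "64a263c8bb206b256e0507f1998d81e7f647f8fc"},
                "entryPoint": "build",
            }
        },
        "metadata": {
            "buildInvocationID": "https://github.com/philips-software/docker-blackduck/actions/runs/1752676715",
            "buildFinishedOn": "2022-01-26T19:39:00Z",
            "completeness": {"parameters": True, "environment": False, "materials": False},
            "reproducible": False,
        },
        "materials": [{
            "uri": "git+https://github.com/philips-software/docker-blackduck",
            "digest": {"sha1": "64a263c8bb206b256e0507f1998d81e7f647f8fc"},
        }],
    },
}


def variant(digest_sha256, finished_on, parameters=None):
    """Copy of BASE_STATEMENT for another image of the same run.
    The digest and time passed in for the '-node' image are constructed."""
    stmt = copy.deepcopy(BASE_STATEMENT)
    stmt["subject"][0]["digest"]["sha256"] = digest_sha256
    stmt["predicate"]["metadata"]["buildFinishedOn"] = finished_on
    if parameters is not None:  # hypothetical fix: record what the step was given
        stmt["predicate"]["invocation"]["parameters"] = parameters
    return stmt


def check_statement(stmt, expected_name, expected_sha256):
    """Return a list of problems; an empty list means the statement passed."""
    problems = []
    if stmt.get("_type") != INTOTO_STATEMENT_V01:
        problems.append("unexpected statement type")
    if stmt.get("predicateType") != SLSA_PROVENANCE_V02:
        problems.append("unexpected predicateType")
    subjects = stmt.get("subject") or []
    # The subject must name the exact image digest we resolved with docker inspect.
    if not any(s.get("name") == expected_name
               and s.get("digest", {}).get("sha256") == expected_sha256
               for s in subjects):
        problems.append("subject does not match the image digest being verified")
    pred = stmt.get("predicate", {})
    claims_complete = pred.get("metadata", {}).get("completeness", {}).get("parameters")
    params = pred.get("invocation", {}).get("parameters")
    if claims_complete and not params:
        problems.append("completeness.parameters is true but invocation.parameters is empty")
    return problems


def _fingerprint(stmt):
    """Canonical JSON of the predicate with the build timestamps removed."""
    pred = copy.deepcopy(stmt["predicate"])
    for volatile in ("buildStartedOn", "buildFinishedOn"):
        pred.get("metadata", {}).pop(volatile, None)
    return json.dumps(pred, sort_keys=True)


def indistinguishable_groups(statements):
    """Groups of subject digests whose predicates differ only by timestamps."""
    groups = {}
    for stmt in statements:
        for subj in stmt.get("subject", []):
            groups.setdefault(_fingerprint(stmt), []).append(subj["digest"]["sha256"])
    return [digests for digests in groups.values() if len(digests) > 1]


if __name__ == "__main__":
    node = variant("0123456789abcdef" * 4, "2022-01-26T19:41:00Z")  # constructed
    print(check_statement(BASE_STATEMENT, "index.docker.io/philipssoftware/blackduck",
                          BASE_STATEMENT["subject"][0]["digest"]["sha256"]))
    print(indistinguishable_groups([BASE_STATEMENT, node]))
```

Run against the two statements from one matrix build, the script lists both digests in one group, which is the symptom reported here; once each predicate carries its own `invocation.parameters`, the group disappears and the completeness claim stops being contradicted by the content.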

JeroenKnoops (Member, Author) commented

See further discussion in philips-labs/slsa-provenance-action#131
