Attest provenance

[Proximyst]

Today: Currently, the Debian images on Docker do not attest their provenance.

$ docker buildx imagetools inspect debian:unstable --format "{{ json .Provenance }}"
{}
$ docker buildx imagetools inspect debian:13 --format "{{ json .Provenance }}"
{}
$ docker buildx imagetools inspect debian:12 --format "{{ json .Provenance }}"
{}

This means that the source of the supply chain is not possible to assert, important for e.g. FedRAMP's High controls baseline (SR-3).

For examples of filled provenance fields, you can view e.g. docker.io/library/archlinux or docker.io/library/alpine's provenances.

Feature request: Attest provenances of the Docker images, and ideally also the tarball they originate from.

[tianon]

The Debian images are 100% fully reproducible bit-for-bit, all the way out to the JSON OCI manifest file 😅

If you look at the details of the "provenance" of the two images you've noted, it's mostly pointless/meaningless metadata 🙈

They both ingest mostly opaque tarballs, and the only difference is that they have a JSON file that says which Git repository they got the tarball from or what the Dockerfile that downloads the tarball said. 🫣

• alpine: https://oci.dag.dev/?blob=alpine@sha256:ebbebd44c17fcfc36f52ae1aef89bc9d1eaec8a2d865362f62bcce19e2fcaaca&mt=application%2Fvnd.in-toto%2Bjson&size=5682

• archlinux: https://oci.dag.dev/?blob=archlinux@sha256:99c8b795adf8dede24ac62d32dcbddb0f637870b3afe6744b6d5d2bcc5e60faa&mt=application%2Fvnd.in-toto%2Bjson&size=11972

[Proximyst]

it's mostly pointless/meaningless metadata 🙈

Yeah, FedRAMP controls tend to be mostly pointless checkbox ticking in this regard 😓.

(Thanks a lot for your work on reproducible builds, by the way; it's real cool that a central player like Debian has invested in that.)