Auto-pruning does not treat Sigstore-style artifacts correctly. This issue can be reproduced in Quay 3.10 with auto-pruning enabled via "FEATURE_AUTO_PRUNE: true" and an auto-pruning policy configured to keep 1 image tag. After pushing and signing two image tags with cosign, the auto-pruning worker removes both image signatures and also one tag. The result is that a previously signed image is now unsigned.
- Push image tag A and sign this image with Cosign using key1
- Push image tag B and sign this image with Cosign using key2
- Configure the auto-pruning policy for the Quay namespace to keep 1 image tag
- Wait for the auto-pruning worker to remove the image tags
The expected result is that, after the auto-pruning worker has run, the newer image tag B and its signature remain in the repository, whereas the older image tag A and its signature are garbage collected.
What actually happens is that only image tag B remains; its signature has been removed by auto-pruning.
The auto-pruning worker should treat tags created by sigstore/cosign tooling differently. These tags are created when signing an image or attaching an attestation or SBOM, and follow the naming convention
See here for an example: https://quay.io/repository/centos-bootc/fedora-bootc?tab=tags
See the official documentation for more information:
When the auto-pruning worker encounters these types of tags, they should not be pruned. Also, when the auto-pruning worker collects any tag for pruning, it should look for the associated sigstore tags by resolving the tag's digest and collect them as well for garbage collection.
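An added sketch of the proposed rule, not Quay's own pruning code: a planner that excludes cosign-style tags from the keep count and collects them only together with the subject tag they belong to, shown beside the naive "keep the newest N tags of any kind" behaviour the report describes. It assumes cosign's tag naming (sha256-<digest>.sig / .att / .sbom) and a constructed sample repository; it also handles the case where a digest is still referenced by a kept tag, so its signature stays.

```python
import re
from typing import List, Optional, Tuple

# cosign attaches signatures, attestations and SBOMs under tags derived from
# the subject manifest digest: sha256-<hex>.sig / .att / .sbom
# (assumed from cosign's documented convention; the report does not spell it out)
SIGSTORE_TAG = re.compile(r"^sha256-([0-9a-f]{64})\.(sig|att|sbom)$")

# Constructed sample repository: (tag_name, manifest_digest, created_order)
DIGEST_A = "sha256:" + "a" * 64
DIGEST_B = "sha256:" + "b" * 64
SAMPLE_TAGS = [
    ("A", DIGEST_A, 1),
    ("sha256-" + "a" * 64 + ".sig", "sha256:" + "1" * 64, 2),  # signature for A
    ("B", DIGEST_B, 3),
    ("sha256-" + "b" * 64 + ".sig", "sha256:" + "2" * 64, 4),  # signature for B
]


def sigstore_subject(tag: str) -> Optional[str]:
    """Digest of the image a sigstore-style tag refers to, else None."""
    m = SIGSTORE_TAG.match(tag)
    return f"sha256:{m.group(1)}" if m else None


def naive_plan(tags, keep: int) -> Tuple[List[str], List[str]]:
    """Keep the newest `keep` tags of any kind (the behaviour the report describes)."""
    by_age = sorted(tags, key=lambda t: t[2], reverse=True)
    return [t[0] for t in by_age[:keep]], [t[0] for t in by_age[keep:]]


def sigstore_aware_plan(tags, keep: int) -> Tuple[List[str], List[str]]:
    """Count only image tags against `keep`; sigstore tags follow their subject."""
    images = sorted((t for t in tags if sigstore_subject(t[0]) is None),
                    key=lambda t: t[2], reverse=True)
    kept, pruned = images[:keep], images[keep:]
    kept_digests = {d for _, d, _ in kept}
    # a digest still referenced by a kept tag stays, so its artifacts stay too
    pruned_digests = {d for _, d, _ in pruned} - kept_digests
    kept_names = [n for n, _, _ in kept]
    pruned_names = [n for n, _, _ in pruned]
    for name, _, _ in tags:
        subject = sigstore_subject(name)
        if subject is None:
            continue
        # collect the artifact with its subject; unknown subjects are left alone
        (pruned_names if subject in pruned_digests else kept_names).append(name)
    return kept_names, pruned_names
```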