Description:
Auto-pruning does not treat Sigstore-style artifacts correctly. This can be reproduced in Quay 3.10 with auto-pruning enabled via "FEATURE_AUTO_PRUNE: true" and an auto-pruning policy configured to keep 1 image tag. After pushing and signing two image tags with cosign, the auto-pruning worker removes both image signatures as well as one tag. The result is that a previously signed image is now unsigned.
Quay: quay-operator-bundle-container-v3.10.0-142
Steps:
- Push image tag A, and sign this image with Cosign using key1
- Push image tag B, and sign this image with Cosign using key2
- Configure the auto-pruning policy for the Quay namespace to keep 1 image tag
- Wait for the auto-pruning worker to remove the image tags
Expected Results:
After the auto-pruning worker has run, the newer image tag B and its signature remain in the repository whereas the older image tag A and its signature are garbage collected.
Actual Results:
Only image tag B remains; its signature has been removed by auto-pruning.
Expected Behavior:
The auto-pruning worker should treat tags created by sigstore/cosign tooling differently. These tags are created when signing an image or attaching an attestation or SBOM, and follow the naming convention:
- sha256-<sha256-digest>.sig
- sha256-<sha256-digest>.att
- sha256-<sha256-digest>.sbom
See here for an example: https://quay.io/repository/centos-bootc/fedora-bootc?tab=tags
See the official documentation for more information:
- https://github.com/sigstore/cosign/blob/main/doc/cosign_attach_signature.md
- https://github.com/sigstore/cosign/blob/main/doc/cosign_attach_sbom.md
- https://github.com/sigstore/cosign/blob/main/doc/cosign_attach_attestation.md
When the auto-pruning worker encounters tags of this type, it should not prune them. Also, when the worker collects any tag for pruning, it should resolve that tag's digest, look up the matching artifact tags, and collect them for garbage collection as well.
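To make the expected behaviour concrete, here is an added Python model of such a keep-N policy (example code written for this report, not Quay's pruning worker). The `Tag` record, its `created` ordering field, and the sample repository are constructed; `naive_prune` is a deliberately simplistic ranking that counts artifact tags against the limit, while `sigstore_aware_prune` skips artifact tags when ranking and only collects them with the manifest they belong to, keeping a signature if another surviving tag still points at the same manifest.

```python
import re
from dataclasses import dataclass

# cosign artifact tag pattern from the report: sha256-<sha256-digest>.sig / .att / .sbom
SIGSTORE_TAG_RE = re.compile(r"^sha256-([0-9a-f]{64})\.(sig|att|sbom)$")

@dataclass(frozen=True)
class Tag:
    name: str
    digest: str   # manifest digest the tag resolves to, "sha256:<hex>"
    created: int  # creation order, larger is newer (constructed value)

def is_sigstore_tag(name: str) -> bool:
    """True for tags that carry a cosign signature, attestation or SBOM."""
    return SIGSTORE_TAG_RE.match(name) is not None

def sigstore_tags_for(digest: str, tags: list[Tag]) -> set[str]:
    """Artifact tags attached to the image manifest `digest`."""
    prefix = "sha256-" + digest.split(":", 1)[1] + "."
    return {t.name for t in tags if t.name.startswith(prefix) and is_sigstore_tag(t.name)}

def naive_prune(tags: list[Tag], keep: int) -> set[str]:
    """Simplistic model of the reported problem: every tag is ranked, so
    signature tags count against the limit and get pruned like any other tag."""
    ordered = sorted(tags, key=lambda t: t.created, reverse=True)
    return {t.name for t in ordered[keep:]}

def sigstore_aware_prune(tags: list[Tag], keep: int) -> set[str]:
    """Keep the `keep` newest image tags; artifact tags are never ranked and
    are only collected together with the manifest they belong to."""
    images = sorted((t for t in tags if not is_sigstore_tag(t.name)),
                    key=lambda t: t.created, reverse=True)
    kept_digests = {t.digest for t in images[:keep]}
    pruned = {t.name for t in images[keep:]}
    for t in images[keep:]:
        # a surviving tag may still point at this manifest; then keep its signature
        if t.digest not in kept_digests:
            pruned |= sigstore_tags_for(t.digest, tags)
    return pruned

# Constructed sample repository: tag A signed, then tag B signed and given an SBOM
DIGEST_A, DIGEST_B = "sha256:" + "a" * 64, "sha256:" + "b" * 64
SAMPLE_TAGS = [
    Tag("A", DIGEST_A, 1),
    Tag("sha256-" + "a" * 64 + ".sig", "sha256:" + "1" * 64, 2),
    Tag("B", DIGEST_B, 3),
    Tag("sha256-" + "b" * 64 + ".sig", "sha256:" + "2" * 64, 4),
    Tag("sha256-" + "b" * 64 + ".sbom", "sha256:" + "3" * 64, 5),
]
```

With `keep=1`, `sigstore_aware_prune(SAMPLE_TAGS, 1)` removes only tag A and its `.sig` tag, leaving B with both its signature and SBOM.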