55. SLSA Source Provenance Verification

Date: 2025-10-09

# Status

Accepted

# Context

Konflux’s trust model is organized entirely around SLSA build provenance. Build provenance attestations, generated by Tekton Chains and stored alongside container images in OCI registries, form the foundation of our verification and release policies in Enterprise Contract/Conforma. This approach follows the SLSA principle of storing attestations close to the artifacts they describe.

The SLSA specification includes multiple tracks for establishing trust at different stages of the software supply chain. While Konflux uses the Build Track to establish trust through build provenance, the Source Track provides increasing levels of trust in source code by verifying source control system practices. The source track addresses threats like unauthorized source modifications, bypassed code reviews, and compromised version control systems. Just as build provenance attestations are stored alongside the artifacts they describe (container images in OCI registries), the SLSA community has created a tool to store source verification summary attestations (VSAs) as git notes in source repositories, keeping attestations close to the source commits they verify.

However, Konflux’s build-provenance-centered architecture prompts a question: How should we verify and incorporate source provenance into our existing trust model?

Some different approaches are possible:

1. Direct reference: Include source provenance attestations directly in build provenance
2. Parallel verification: Verify source provenance independently alongside build provenance
3. Chained attestations: Create build provenance attestations about source provenance attestations

The challenge is that the source track’s storage model (git notes in repositories) differs significantly from our build artifact storage model (OCI registries), making it non-obvious how to integrate source provenance verification into our existing Conforma policies and attestation chains.

# References

• SLSA Source Track Requirements - Source provenance specification
• SLSA Verification Summary Attestations - VSA format specification
• ADR 48: Movable Build Tests - Pattern for independent verification tasks
• ADR 49: VSA Support - Trusting VSAs for externally-built artifacts
• ADR 36: Trusted Artifacts - OCI storage patterns for artifacts
• ADR 20: Source Retention - Existing source requirements

# Decision

We will verify SLSA source provenance through a chained attestation approach that leverages the movable test pattern from ADR 48.

# Verification Workflow

1. Source VSA generation (external to Konflux):

   • Source repository maintainers configure automation (GitHub Actions, GitLab CI/CD pipelines, etc.) to generate source VSAs
   • These VSAs are stored as git notes in the source repository, contemporaneously with commits
   • VSAs attest to source control practices (e.g., two-person review, branch protection, audit logs)

2. Source provenance verification task (in Konflux pipeline):

   • A Konflux pipeline task reads the source VSA from git notes for the cloned commit
   • The task accepts a public key parameter (provided via IntegrationTestScenario configuration) and verifies the source VSA signature against that key
   • The task verifies the VSA contents (format, subject matching the commit, etc.)
   • The task pushes the source VSA to the OCI registry as a separate artifact (manifest) using the OCI referrers API (via oras attach), with the container image as the subject of the OCI reference (the git commit remains the subject within the VSA payload itself)
   • The task exposes the pullspec of the OCI representation of the VSA (digest reference) in its task results using *_ARTIFACT_OUTPUTS format

3. Build provenance chain (via Tekton Chains):

   • Tekton Chains observes the task results containing the source VSA artifact reference
   • Chains generates and signs a SLSA build provenance attestation about the source provenance attestation
   • This creates an attestation chain: Build Provenance → Source VSA → Source Commit

4. Verification in Conforma:

   • Conforma policies can verify source provenance by checking for the presence of the attestation chain (using the referrers-based attestation storage)
   • Conforma trusts Tekton Chains’ signatures (existing trust root)
   • Conforma verifies trust in the source verification task itself using the Trusted Tasks mechanisms described in ADR 53
   • Conforma reads the public key from the provenance attestation of the verification task (which includes the task parameters) and verifies it matches the expected signer identity for the source repository
   • Through the chain, Conforma gains transitive trust in the source VSA’s signature verification (performed by the task) without needing to re-verify the signature itself
   • This bootstraps trust in source provenance through our existing build-provenance infrastructure

# Rationale

This approach provides several advantages:

• Preserves existing trust model: Conforma continues to trust Tekton Chains as its primary attestation source and relies on Trusted Tasks mechanisms for verifying task provenance
• Leverages ADR 48: Using the movable test pattern makes source verification easier to re-run independently of builds
• Enables gradual adoption: Teams can adopt source provenance incrementally without breaking existing workflows

# Integration Points

• Verification task: New task to read, verify, and republish source VSAs to OCI registry
• Tekton Chains: Existing Chains infrastructure generates attestations about the verification task
• Enterprise Contract: Conforma policies updated to verify the attestation chain
• Trusted Artifacts (ADR 36): Source VSA artifacts follow the similar OCI storage patterns to other trusted artifacts

# Consequences

# Positive

• Consistent trust model: All Conforma verification continues through Tekton Chains attestations
• Independent verification: Source provenance can be verified as a separate pipeline task, not embedded in build pipeline
• Easier re-runs: Leveraging ADR 48’s movable test pattern allows re-running source verification without rebuilding
• Gradual adoption: Teams can enable source provenance verification incrementally
• Complements ADR 49: Where ADR 49 trusts external VSAs to verify externally-built artifacts for release, this ADR detects and reports source VSAs (generated by external systems) for Konflux-built artifacts

# Negative

• Race condition risk: Source VSAs should be generated contemporaneously with commits (typically via GitHub Actions or GitLab pipelines), but Konflux’s verification task may execute before the external automation completes. This can cause initial verification failures when:

  • A commit is pushed to a repository
  • Konflux immediately triggers a build pipeline
  • The source VSA generation (GitHub Action/GitLab pipeline) is still running
  • The verification task attempts to read git notes that don’t exist yet

  Mitigation: The movable test pattern from ADR 48 significantly helps with this issue. Because source verification runs as an independent integration test scenario rather than an embedded build task, it can be easily re-run once the source VSA is available. This is much easier than if the verification were embedded in the build pipeline, which would require a complete rebuild. Additionally, in typical workflows the artifact build takes longer to complete than source VSA generation, reducing the likelihood of the race condition producing an unfavorable result in practice.

• Additional task required: New verification task must be implemented and maintained in konflux-ci/build-definitions (poc in #2867); may be relocated to a different repository in the future

• Complexity in Conforma: Policies must understand attestation chains rather than direct attestations

• External dependencies: Requires source repository owners to set up VSA generation automation

# Implementation Requirements

1. New Tekton task: Implement verify-source source provenance verification task that:

   • Accepts a public key parameter (configured via IntegrationTestScenario)
   • Fetches git notes from cloned repositories
   • Verifies source VSA signatures against the provided public key
   • Verifies source VSA contents (format, subject, etc.)
   • Pushes VSAs to OCI registry
   • Exposes pullspec in *_ARTIFACT_OUTPUTS results format

2. Conforma policy updates: Update Enterprise Contract policies to:

   • Detect source provenance attestation chains
   • Verify build provenance attestations about source VSAs
   • Read the public key from test attestation task parameters and verify it matches expected signer identities for source repositories
   • Determine if source verification levels meet release requirements

3. Documentation for source repository owners:

   • How to generate source VSAs (GitHub Actions, GitLab CI templates)
   • How to store VSAs as git notes
   • What source verification levels mean

4. ITS Provisioning: Konflux deployments that want to adopt source provenance verification across their instance can update their onboarding mechanisms to provision a source verification ITS automatically

# Future Considerations

• Expected Signer Identities: We may need to think more deeply about how to efficiently configure the expected signer identities at scale.
• Standard VSA format: As SLSA source track specifications stabilize, we may need to update VSA formats
• Multiple source systems: Different source control systems (GitHub, GitLab, Gitea) may need special support.