feat: plugins as OCI artifacts

[noelbundick-msft]

Description

What this PR does / why we need it:

Adds the ability for Ratify to download plugins from OCI artifacts as they are registered, per #499

2023-01-10 community call demo: https://youtu.be/xRo8U-ag0y0?t=3047

This eliminates the need for users to build their own Ratify image, hack the Helm chart output, etc. It's an opt-in change that doesn't break how Ratify works today, but only enhances the experience if the RATIFY_DYNAMIC_PLUGINS=1 feature flag is enabled, and source is specified in the config

Here's a high level overview of the experience:

1. Making a plugin available

We start by uploading a plugin to a registry as an OCI artifact.

This could be done by

• an org's platform team
  • build it yourself
  • download from a url and upload into a trusted registry
• direct pull from a vendor's trusted registry
  • ex: I create a useful plugin, push it to noelregistry.azurecr.io/usefulplugin:v1, and you refer to that directly
  • this is possible but seems less likely?

Here's an example using the sample verifier in the repo

cd plugins/verifier/sample
CGO_ENABLED=0 go build .
oras push noelfdpo.azurecr.io/sample-plugin:v1 ./sample

If there are "off the shelf" plugins already built by community partners, this might look something like

curl -L https://github.com/deislabs/ratify/releases/download/v1.0.0-beta.2/ratify_verifier_sbom_plugin -o ./sbom
oras push noelfdpo.azurecr.io/sbom:v1.0.0-beta.2 ./sbom

2. Using a plugin

A new source property has been added for verifier and referrerstore config. If specified, Ratify will

• resolve/download the artifact
• mark it executable
• continue with registration & execution of the binary plugin as it does today

The plugin download process uses the same authProvider(s) that the oras built-in store uses

This works with both flavors of config - JSON and CRD. Below are examples of both

config.json

• using an unspecified authProvider - defaults to dockerConfig like the ORAS plugin
• pulling from Docker Hub

{
  "name": "sample",
  "artifactTypes": "application/spdx+json",
  "source": {
    "artifact": "index.docker.io/acanthamoeba/sample-plugin:v1"
  }
}

CRD

• pulling from Azure Container Registry
• specifying workload identity as the auth provider to talk to the registry

apiVersion: config.ratify.deislabs.io/v1alpha1
kind: Verifier
metadata:
  name: verifier-sample
spec:
  name: sample
  artifactTypes: application/spdx+json
  source:
    artifact: noelfdpo.azurecr.io/sample-plugin:v1
    authProvider:
      name: azureWorkloadIdentity

Other info

Ratify emits info/debug logs when downloading plugins, ex:

time="2022-12-21T18:39:11Z" level=info msg="Downloading plugin sample from noelfdpo.azurecr.io/sample-plugin:v1"
time="2022-12-21T18:39:11Z" level=info msg="selected default auth provider: dockerConfig"
time="2022-12-21T18:39:12Z" level=debug msg="Resolved plugin manifest: {application/vnd.oci.artifact.manifest.v1+json sha256:f2c54ba629c4da68327efa4085e7e322964c6533f7c9bcfd8d69202950e20d7f 413 [] map[] [] <nil> }"
time="2022-12-21T18:39:12Z" level=debug msg="Downloading blob noelfdpo.azurecr.io/sample-plugin:v1@sha256:814191e0d58143ebbcad493d437d1d3cabdac4a0706cb6dff8efa98afd2e31b4"
time="2022-12-21T18:39:12Z" level=info msg="Downloading plugin sample to /.ratify/plugins/sample"
time="2022-12-21T18:39:13Z" level=debug msg="Marking plugin /.ratify/plugins/sample as executable"
time="2022-12-21T18:39:13Z" level=info msg="downloaded verifier plugin sample from noelfdpo.azurecr.io/sample-plugin:v1 to /.ratify/plugins"
time="2022-12-21T18:39:13Z" level=info msg="verifier 'sample' added to verifier map"

Type of change

Please delete options that are not relevant.

• New feature (non-breaking change which adds functionality)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

• e2e cli tests
• e2e tests
  • note: :helm upgrade to set featureFlags.RATIFY_DYNAMIC_PLUGINS=true fails in CI, so one of the test cases is currently skipped

Checklist:

• Does the affected code have corresponding tests?
• Are the changes documented, not just with inline documentation, but also with conceptual documentation such as an overview of a new feature, or task-based documentation like a tutorial? Consider if this change should be announced on your project blog.
• Does this introduce breaking changes that would require an announcement or bumping the major version?
  • No, this is an opt-in feature behind a disabled-by-default feature flag
• Do all new files have appropriate license header?

[noelbundick-msft]

TODO: what should the config look like for specifying auth for pulling plugins. Should look & feel similar to oras store config, - but plugins might (will probably?) come from a different registry than application images

Perhaps the config should read something like

source:
  reference: noelfdpo.azurecr.io/sample-plugin:v1
  authProvider:
    name: azureWorkloadIdentity

[susanshi]

Agreed, we need to restructure our auth config. Curious do you think customer will use same identity for plugins /artifacts / certs from keyvault or will they use different clientIds?

[noelbundick-msft]

Late follow-up: I would expect to use the same app identity here, at least in Azure

So if you pulled plugins from a different registry than runtime images: it would still be the one "Ratify" Managed Identity that has AcrPull on both the "plugin registry" and the "normal one"

[noelbundick-msft]

@susanshi This is now updated to use the the wabbitnetworks.azurecr.io sample plugins, merged with latest, with all tests passing

Please let me know if there's anything else on my side. Thanks!

[susanshi]

@susanshi This is now updated to use the the wabbitnetworks.azurecr.io sample plugins, merged with latest, with all tests passing

Please let me know if there's anything else on my side. Thanks!

we have finished merging all RC required PRs, this PR is good to go with a rebase,

Please rebase , we will hold off any changes into the main branch to avoid this being out of date again. thanks @noelbundick-msft .