Add ec.oci.image_manifest rego function

This commit adds a new custom rego function, `ec.oci.image_manifest`.
This function retrieves the Image Manifest from an OCI registry. (It
does not download the image, just its manifest.)

The main use case this is trying to achieve is validating image
references that may occur in the SLSA Provenance attestation of an image
being validated. For example, the SLSA Provenance may contain a link to
the corresponding source container image. This function allows policy
rules to be created to verify that such references actually exists.

Ref: EC-235

Signed-off-by: Luiz Carvalho <[email protected]>

Author: lcarva

acceptance/examples/oci_image_manifest.rego

@@ -0,0 +1,37 @@
+package manifest
+
+import rego.v1
+
+# METADATA
+# custom:
+#   short_name: match
+deny contains result if {
+	manifest := ec.oci.image_manifest(input.image.ref)
+	not manifest_matches(manifest)
+
+	result := {
+		"code": "manifest.match",
+		"msg": json.marshal(manifest),
+	}
+}
+
+manifest_matches(manifest) if {
+	manifest.annotations["org.opencontainers.image.base.name"] != ""
+	manifest.mediaType == "application/vnd.docker.distribution.manifest.v2+json"
+	manifest.schemaVersion == 2
+	non_empty_descriptor(manifest.config, "application/vnd.docker.container.image.v1+json")
+	count(manifest.layers) == 2
+	non_empty_descriptor(manifest.layers[0], "application/vnd.docker.image.rootfs.diff.tar.gzip")
+	non_empty_descriptor(manifest.layers[1], "application/vnd.docker.image.rootfs.diff.tar.gzip")
+}
+
+non_empty_descriptor(descriptor, media_type) if {
+	descriptor.annotations == {}
+	descriptor.artifactType == ""
+	descriptor.data == ""
+	startswith(descriptor.digest, "sha256:")
+	count(descriptor.digest) == count("sha256:") + 64
+	descriptor.mediaType == media_type
+	descriptor.size > 0
+	descriptor.urls == []
+}

features/__snapshots__/validate_image.snap

@@ -3344,3 +3344,80 @@ time="${TIMESTAMP}" level=error msg="Parsing PURL \"this-is-not-a-valid-purl\" f
 Error: success criteria not met
 
 ---
+
+[fetch OCI image manifest:stdout - 1]
+{
+  "success": true,
+  "components": [
+    {
+      "name": "Unnamed",
+      "containerImage": "${REGISTRY}/acceptance/oci-image-manifest@sha256:${REGISTRY_acceptance/oci-image-manifest:latest_DIGEST}",
+      "source": {},
+      "successes": [
+        {
+          "msg": "Pass",
+          "metadata": {
+            "code": "builtin.attestation.signature_check"
+          }
+        },
+        {
+          "msg": "Pass",
+          "metadata": {
+            "code": "builtin.attestation.syntax_check"
+          }
+        },
+        {
+          "msg": "Pass",
+          "metadata": {
+            "code": "builtin.image.signature_check"
+          }
+        },
+        {
+          "msg": "Pass",
+          "metadata": {
+            "code": "manifest.match"
+          }
+        }
+      ],
+      "success": true,
+      "signatures": [
+        {
+          "keyid": "",
+          "sig": "${IMAGE_SIGNATURE_acceptance/oci-image-manifest}"
+        }
+      ],
+      "attestations": [
+        {
+          "type": "https://in-toto.io/Statement/v0.1",
+          "predicateType": "https://slsa.dev/provenance/v0.2",
+          "predicateBuildType": "https://tekton.dev/attestations/chains/pipelinerun@v2",
+          "signatures": [
+            {
+              "keyid": "",
+              "sig": "${ATTESTATION_SIGNATURE_acceptance/oci-image-manifest}"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "key": "${known_PUBLIC_KEY_JSON}",
+  "policy": {
+    "sources": [
+      {
+        "policy": [
+          "git::https://${GITHOST}/git/oci-image-manifest-policy"
+        ]
+      }
+    ],
+    "rekorUrl": "${REKOR}",
+    "publicKey": "${known_PUBLIC_KEY}"
+  },
+  "ec-version": "${EC_VERSION}",
+  "effective-time": "${TIMESTAMP}"
+}
+---
+
+[fetch OCI image manifest:stderr - 1]
+
+---

features/validate_image.feature

@@ -926,6 +926,31 @@ Feature: evaluate enterprise contract
     Then the exit status should be 0
     Then the output should match the snapshot
 
+  Scenario: fetch OCI image manifest
+    Given a key pair named "known"
+    Given an image named "acceptance/oci-image-manifest"
+    Given a valid image signature of "acceptance/oci-image-manifest" image signed by the "known" key
+    Given a valid Rekor entry for image signature of "acceptance/oci-image-manifest"
+    Given a valid attestation of "acceptance/oci-image-manifest" signed by the "known" key
+    Given a valid Rekor entry for attestation of "acceptance/oci-image-manifest"
+    Given a git repository named "oci-image-manifest-policy" with
+      | main.rego | examples/oci_image_manifest.rego |
+    Given policy configuration named "ec-policy" with specification
+      """
+      {
+        "sources": [
+          {
+            "policy": [
+              "git::https://${GITHOST}/git/oci-image-manifest-policy"
+            ]
+          }
+        ]
+      }
+      """
+    When ec command is run with "validate image --image ${REGISTRY}/acceptance/oci-image-manifest --policy acceptance/ec-policy --public-key ${known_PUBLIC_KEY} --rekor-url ${REKOR}  --show-successes"
+    Then the exit status should be 0
+    Then the output should match the snapshot
+
   Scenario: tracing and debug logging
     Given a key pair named "trace_debug"
       And an image named "acceptance/trace-debug"