I am attempting to copy an image and its sigstore signature/attestation to a new registry, but am encountering the below error. Would appreciate any guidance you can offer!
FATA[0000] copying system image from manifest list: reading signatures: unexpected MIME type for sigstore attachment manifest cgr.dev/chainguard/busybox:sha256-8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3.sig: "application/vnd.docker.distribution.manifest.v2+json"
Steps to reproduce:
$ docker run --rm -it alpine:latest
/ # apk update && apk add skopeo -q
fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/main/aarch64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/community/aarch64/APKINDEX.tar.gz
v3.20.0-63-gef45a4ade0d [https://dl-cdn.alpinelinux.org/alpine/v3.20/main]
v3.20.0-72-g9c6bc2593d2 [https://dl-cdn.alpinelinux.org/alpine/v3.20/community]
OK: 24026 distinct packages available
/ #
/ # cat > /etc/containers/policy.json <<EOF
> {
>   "default": [
>     {
>       "type": "insecureAcceptAnything"
>     }
>   ],
>   "transports":
>     {
>       "docker-daemon":
>         {
>           "": [{"type":"insecureAcceptAnything"}]
>         }
>     }
> }
> EOF
/ #
/ # cat > /etc/containers/registries.d/default.yaml <<EOF
> docker:
>   cgr.dev:
>     use-sigstore-attachments: true
> EOF
/ #
/ # skopeo copy --debug docker://cgr.dev/chainguard/busybox:latest docker://ttl.sh/myfavoritelocation/busybox:latest
DEBU[0000] Using registries.d directory /etc/containers/registries.d
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf"
DEBU[0000] Loading registries configuration "/etc/containers/registries.conf.d/00-shortnames.conf"
DEBU[0000] No credentials matching ttl.sh/myfavoritelocation/busybox found in /run/containers/0/auth.json
DEBU[0000] No credentials matching ttl.sh/myfavoritelocation/busybox found in /root/.config/containers/auth.json
DEBU[0000] No credentials matching ttl.sh/myfavoritelocation/busybox found in /root/.docker/config.json
DEBU[0000] No credentials matching ttl.sh/myfavoritelocation/busybox found in /root/.dockercfg
DEBU[0000] No credentials for ttl.sh/myfavoritelocation/busybox found
DEBU[0000] No signature storage configuration found for ttl.sh/myfavoritelocation/busybox:latest, using built-in default file:///var/lib/containers/sigstore
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/ttl.sh
DEBU[0000] Using registries.d directory /etc/containers/registries.d
DEBU[0000] Trying to access "cgr.dev/chainguard/busybox:latest"
DEBU[0000] No credentials matching cgr.dev/chainguard/busybox found in /run/containers/0/auth.json
DEBU[0000] No credentials matching cgr.dev/chainguard/busybox found in /root/.config/containers/auth.json
DEBU[0000] No credentials matching cgr.dev/chainguard/busybox found in /root/.docker/config.json
DEBU[0000] No credentials matching cgr.dev/chainguard/busybox found in /root/.dockercfg
DEBU[0000] No credentials for cgr.dev/chainguard/busybox found
DEBU[0000] Lookaside configuration: using "docker" namespace cgr.dev
DEBU[0000] No signature storage configuration found for cgr.dev/chainguard/busybox:latest, using built-in default file:///var/lib/containers/sigstore
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/cgr.dev
DEBU[0000] Sigstore attachments: using "docker" namespace cgr.dev
DEBU[0000] GET https://cgr.dev/v2/
DEBU[0000] Ping https://cgr.dev/v2/ status 401
DEBU[0000] GET https://cgr.dev/token?scope=repository%3Achainguard%2Fbusybox%3Apull&service=cgr.dev
DEBU[0000] Increasing token expiration to: 60 seconds
DEBU[0000] GET https://cgr.dev/v2/chainguard/busybox/manifests/latest
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.index.v1+json"
DEBU[0000] Using SQLite blob info cache at /var/lib/containers/cache/blob-info-cache-v1.sqlite
DEBU[0000] Source is a manifest list; copying (only) instance sha256:8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3 for current system
DEBU[0000] GET https://cgr.dev/v2/chainguard/busybox/manifests/sha256:8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3
DEBU[0000] Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json"
DEBU[0000] IsRunningImageAllowed for image docker:cgr.dev/chainguard/busybox:latest
DEBU[0000] Using default policy section
DEBU[0000] Requirement 0: allowed
DEBU[0000] Overall: allowed
Getting image source signatures
DEBU[0000] Reading /var/lib/containers/sigstore/chainguard/busybox@sha256=8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3/signature-1
DEBU[0000] Looking for sigstore attachments in cgr.dev/chainguard/busybox:sha256-8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3.sig
DEBU[0000] GET https://cgr.dev/v2/chainguard/busybox/manifests/sha256-8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3.sig
DEBU[0000] Content-Type from manifest GET is "application/vnd.docker.distribution.manifest.v2+json"
FATA[0000] copying system image from manifest list: reading signatures: unexpected MIME type for sigstore attachment manifest cgr.dev/chainguard/busybox:sha256-8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3.sig: "application/vnd.docker.distribution.manifest.v2+json"
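A triage helper for the failure reported above, added here as an example (not code from skopeo or from the reporter): it extracts the Content-Type returned for the sigstore attachment manifest from `skopeo copy --debug` output and compares it with the OCI image manifest type. The function names are hypothetical, and the expectation that only `application/vnd.oci.image.manifest.v1+json` is accepted is an assumption inferred from the error message; the sample log lines are rebuilt from the report.

```shell
#!/bin/sh
# Media type assumed to be the only one accepted for a sigstore attachment
# manifest (assumption, inferred from the error message in the report).
EXPECTED_MIME='application/vnd.oci.image.manifest.v1+json'

# sigstore_tag DIGEST: derive the attachment tag from an image digest, using
# the pattern visible in the log (sha256:<hex> -> sha256-<hex>.sig).
sigstore_tag() {
    printf '%s.sig\n' "$(printf '%s' "$1" | tr ':' '-')"
}

# attachment_mime: read `skopeo copy --debug` output on stdin and print the
# Content-Type of the first manifest GET that follows the attachment lookup.
attachment_mime() {
    awk '
        /Looking for sigstore attachments in/ { armed = 1; next }
        armed && /Content-Type from manifest GET is/ {
            n = split($0, parts, "\"")   # the value sits between the quotes
            if (n >= 3) print parts[2]
            exit
        }
    '
}

# check_attachment: return 0 if the attachment manifest has the expected type,
# 1 if it has a different type, 2 if the log contains no attachment lookup.
check_attachment() {
    mime=$(attachment_mime)
    [ -n "$mime" ] || { echo "no sigstore attachment lookup in log"; return 2; }
    if [ "$mime" = "$EXPECTED_MIME" ]; then
        echo "ok: $mime"
    else
        echo "mismatch: got $mime, expected $EXPECTED_MIME"
        return 1
    fi
}

# Sample input rebuilt from the debug lines in the report above.
DIGEST='sha256:8c3f467c5d9460d8fde01e2073044377e633706f8b00a9f04ccb3ef3d78376f3'
TAG=$(sigstore_tag "$DIGEST")
SAMPLE_LOG="DEBU[0000] Content-Type from manifest GET is \"$EXPECTED_MIME\"
DEBU[0000] Looking for sigstore attachments in cgr.dev/chainguard/busybox:$TAG
DEBU[0000] GET https://cgr.dev/v2/chainguard/busybox/manifests/$TAG
DEBU[0000] Content-Type from manifest GET is \"application/vnd.docker.distribution.manifest.v2+json\""

printf '%s\n' "$SAMPLE_LOG" | check_attachment || true
```

The first Content-Type line in the sample belongs to the image manifest itself and is skipped; only the GET issued after the attachment lookup is compared.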