# Compatibility
What cilock is built for, tested against, and known to interoperate with.
Sources: rookery/cilock/go.mod, rookery/.github/workflows/release.yml, rookery/cilock/cmd/cilock/main.go.
## Toolchain
| Component | Value |
|---|---|
| Go (build) | 1.26.0+ (per go.mod) |
| Build flags | CGO_ENABLED=0, GOWORK=off, -trimpath |
| FIPS mode | On by default (//go:debug fips140=on in main.go) |
## Released platforms
The official rookery release pipeline produces static binaries for:
| OS | Architectures | Notes |
|---|---|---|
| Linux | amd64, arm64 | Full feature set including --trace (ptrace) |
| macOS (Darwin) | amd64, arm64 | All attestors except --trace (ptrace is Linux-only) |
| Windows | (not shipped) | Not shipped: the omnitrail attestor has linux/darwin-only build constraints (per release.yml comment). |
To build a Windows binary anyway, fork cilock/cmd/cilock/main.go and remove the omnitrail import.
## Container image
| Field | Value |
|---|---|
| Registry | ghcr.io/aflock-ai/cilock |
| Tags | <version> (current: v1.0.1) and latest |
| Built with | Chainguard melange + apko |
| Architectures | x86_64, aarch64 |
| Signed by | cosign (keyless OIDC) |
## CI platforms
Tested integrations from the cilock-action ecosystem:
| Platform | Integration | Source |
|---|---|---|
| GitHub Actions | aflock-ai/cilock-action@v1.0.1 (also @v1) | cilock-action |
| GitLab CI | Reusable template at cilock-action/gitlab/cilock.gitlab-ci.yml | Same repo |
| Jenkins | Via the jenkins attestor + raw cilock binary | rookery/plugins/attestors/jenkins |
| AWS CodeBuild | Via the aws-codebuild attestor | rookery/plugins/attestors/aws-codebuild |
## Signers
Verified from rookery/cilock/cmd/cilock/main.go blank imports:
| Signer | Module |
|---|---|
| Sigstore Fulcio | plugins/signers/fulcio |
| SPIFFE/SPIRE | plugins/signers/spiffe |
| AWS KMS | plugins/signers/kms/aws |
| GCP KMS | plugins/signers/kms/gcp |
| Azure Key Vault | plugins/signers/kms/azure |
| HashiCorp Vault | plugins/signers/vault |
| HashiCorp Vault Transit | plugins/signers/vault-transit |
| File (PEM) | plugins/signers/file |
| Debug | plugins/signers/debug-signer |
## Timestamp authorities
RFC 3161-compatible TSAs. Tested against:
- Sigstore TSA (Sigstore-operated public TSA, the cilock-action default)
- Self-hosted TSAs reachable over HTTPS
URL pattern: TSAs are passed via --timestamp-servers <url> (repeatable) or under run.timestamp-servers in the config file.
## Evidence storage
| Sink | Notes |
|---|---|
| File output | Default; via --outfile. |
| OCI registry | Via the oci attestor + downstream cosign/oras push. |
| Archivista | Tested against the in-toto/archivista reference server. URL pattern <platform-url>/archivista; auth via static --archivista-headers or OIDC (--archivista-oidc + --archivista-audience). |
## Witness compatibility
Cilock is bidirectionally interoperable with witness:
- Cilock attestation type URLs use the https://aflock.ai/attestations/<name>/v0.1 namespace.
- Legacy witness URLs (https://witness.dev/attestations/<name>/v0.1) are accepted via aliases registered in attestation/legacy.go, called from main.go at startup via attestation.RegisterLegacyAliases().
- Witness-signed policies (DSSE payload type https://witness.testifysec.com/policy/v0.1) work with cilock verify.
- Cilock-produced attestations verify under witness verify.
## Predicate types in scope
| Predicate | Notes |
|---|---|
| in-toto Statement v1 (with versioned predicate URLs) | Native format for all cilock attestations. |
| DSSE envelope | Wraps every signed attestation. |
| SLSA Provenance v1 | Emitted by the slsa attestor. |
| CycloneDX, SPDX | Embedded by the sbom attestor when found in products. |
| SARIF | Embedded by the sarif attestor when found in products. |
| VEX | Emitted by the vex attestor. |
## Version pinning recommendations
| Dependency | Pin to |
|---|---|
| aflock-ai/cilock-action in workflows | A commit SHA (not a floating tag like @v1); see the defending-against-supply-chain-attacks tutorial for why. |
| cilock binary | A specific release version, not :latest, in any production-bound workflow. |
| Custom binaries built via the rookery builder | Pin every plugin module to a path-prefixed tag. |
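A small lint that enforces the first two rows of this table over a workflow file, added here as an example (it is not part of cilock or cilock-action). It scans for aflock-ai/cilock-action refs that are not a full commit SHA and for ghcr.io/aflock-ai/cilock images that resolve to :latest; the embedded workflow and the 40-hex SHA in it are constructed placeholders.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Finding is one cilock reference that is not pinned the way the table above recommends.
type Finding struct {
	Line   int
	Ref    string
	Reason string
}

var (
	// uses: aflock-ai/cilock-action@<ref>; the ref may be a tag, a branch or a commit SHA.
	actionRef = regexp.MustCompile(`uses:\s*aflock-ai/cilock-action@([^\s"']+)`)
	// ghcr.io/aflock-ai/cilock[:<tag>][@sha256:<digest>]; a bare image name means :latest.
	imageRef = regexp.MustCompile(`ghcr\.io/aflock-ai/cilock(?::([^\s@"']+))?(@sha256:[0-9a-f]{64})?`)
	fullSHA  = regexp.MustCompile(`^[0-9a-f]{40}$`)
)

// CheckPins scans workflow text line by line and reports every cilock-action ref
// that is not a 40-hex commit SHA and every cilock image that resolves to :latest.
func CheckPins(workflow string) []Finding {
	var out []Finding
	for i, line := range strings.Split(workflow, "\n") {
		if m := actionRef.FindStringSubmatch(line); m != nil && !fullSHA.MatchString(m[1]) {
			out = append(out, Finding{i + 1, m[0], "action ref is a floating tag or branch, not a commit SHA"})
		}
		// An image pinned by digest (m[2] set) is fine regardless of tag.
		if m := imageRef.FindStringSubmatch(line); m != nil && m[2] == "" && (m[1] == "" || m[1] == "latest") {
			out = append(out, Finding{i + 1, m[0], "image resolves to :latest instead of a release version"})
		}
	}
	return out
}

// Constructed sample workflow: one floating tag, one pinned SHA (placeholder value), one :latest image.
const sampleWorkflow = `jobs:
  build:
    steps:
      - uses: aflock-ai/cilock-action@v1
      - uses: aflock-ai/cilock-action@0123456789abcdef0123456789abcdef01234567 # placeholder SHA
    container:
      image: ghcr.io/aflock-ai/cilock:latest
`

func main() {
	for _, f := range CheckPins(sampleWorkflow) {
		fmt.Printf("line %d: %s (%s)\n", f.Line, f.Ref, f.Reason)
	}
}
```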
## What's not covered
- Real-time network egress monitoring. Cilock observes file/syscall activity, not network traffic. Pair with StepSecurity Harden-Runner for that gap.
- Developer laptop or production server protection. Cilock operates in CI/CD only.
- Windows attestor coverage. Until the omnitrail build constraint is relaxed or made conditional, Windows requires a custom build.