Open mogul opened 3 years ago
Adding some breadcrumbs, this looks like another area that is under development. When we pick up this story, we can re-evaluate options.
Reading between the lines, I think registry providers (Amazon, Azure, Google, GitHub, etc.) are not into Notary (v1) because the trust store is external from the registry. Notary v2 seems to be an effort to support signatures directly within the OCI artifact.
Linux Foundation launched sigstore and has a tool cosign that supports GitHub Container Registry.
Both Notary v2 and cosign seem to be on Connaisseur's radar.
@adborden @mogul using the latest Connaisseur v2.0 release, it is possible to use either Notary (V1) or Cosign or both at the same time. More info can be found in the docs or release post. We'll be looking into Notary V2 now and if we can start implementing a first experimental support.
Feel free to reach out if we can help! Always great to learn about use-cases in the wild.
Thanks for reaching out!
Noting for later: Kyverno also implements this as part of a more general policy framework. It's pretty alpha and only supports cosign, though.
sigstore is now natively supported in GitHub Actions. https://github.blog/2021-12-06-safeguard-container-signing-capability-actions/
Seems like maybe the existing Alpine image on which so much is based hasn't been signed for a while...?
Cosign maintainer here, let me know if we can help at all!
User Story
In order to ensure that images have not been tampered with before they are deployed, we want our EKS instances to verify the image signature in an admission controller hook using the Notary or cosign protocols.
Background
Here's the actual Connaisseur repository; it can be deployed using a Helm chart.
Demo
Sketch
We can/should also verify the signature of helm_release resources used in brokerpaks.
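Worked example of the admission-controller side of the user story above. This is an added illustration, not Connaisseur's or cosign's own code: it collects every image in a Pod (initContainers and ephemeralContainers included), matches each one against a glob policy loosely modelled on Connaisseur's pattern/validator entries, calls a verifier, fails closed, and mutates the Pod so each admitted image is pinned to the digest that was actually verified. The registry tag lookup and the cosign signature check are replaced by DemoSignatureStore, an in-memory stand-in holding constructed digests; the image names, tags, policy and AdmissionReview payloads are constructed as well.

```python
"""Admission-webhook decision logic around an image-signature check.

Added example, not Connaisseur's or cosign's code. Everything apart from the
signature check itself is real webhook plumbing: AdmissionReview in,
AdmissionReview (allow/deny + JSON patch) out.
"""
import base64
import fnmatch
import json
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class ImageRef:
    name: str               # normalized registry/repository
    tag: Optional[str]
    digest: Optional[str]   # "sha256:<hex>" when the reference is digest-pinned

    def __str__(self) -> str:
        s = self.name
        if self.tag:
            s += ":" + self.tag
        if self.digest:
            s += "@" + self.digest
        return s


def parse_image(raw: str) -> ImageRef:
    """Split [registry/]repo[:tag][@digest] and apply Docker Hub defaults."""
    digest = None
    if "@" in raw:
        raw, digest = raw.split("@", 1)
    name, tag = raw, None
    if ":" in raw.rsplit("/", 1)[-1]:          # colon in the last path segment is a tag
        name, tag = raw.rsplit(":", 1)
    first = name.split("/", 1)[0]
    looks_like_registry = "." in first or ":" in first or first == "localhost"
    if "/" not in name:
        name = "docker.io/library/" + name
    elif not looks_like_registry:
        name = "docker.io/" + name
    if tag is None and digest is None:
        tag = "latest"
    return ImageRef(name, tag, digest)


def match_policy(policy: list, ref: ImageRef) -> Optional[dict]:
    """Most specific (longest) matching glob wins; None means no rule applies."""
    hits = [r for r in policy if fnmatch.fnmatchcase(str(ref), r["pattern"])]
    return max(hits, key=lambda r: len(r["pattern"])) if hits else None


# verify(ref, validator_name) -> verified digest, or None when no trusted signature exists
Verifier = Callable[[ImageRef, str], Optional[str]]


def _response(uid: str, allowed: bool, message: str = "", patches=None) -> dict:
    resp = {"uid": uid, "allowed": allowed}
    if message:
        resp["status"] = {"message": message}
    if patches:
        resp["patchType"] = "JSONPatch"
        resp["patch"] = base64.b64encode(json.dumps(patches).encode()).decode()
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview", "response": resp}


def review_pod(review: dict, policy: list, verify: Verifier) -> dict:
    """Deny unless every image has a rule and a valid signature; pin admitted images."""
    req = review["request"]
    spec = req["object"].get("spec", {})
    patches = []
    for field in ("initContainers", "containers", "ephemeralContainers"):
        for idx, container in enumerate(spec.get(field, [])):
            ref = parse_image(container["image"])
            rule = match_policy(policy, ref)
            if rule is None:
                return _response(req["uid"], False, f"{ref}: no policy rule matches")
            if rule["validator"] == "allow":
                continue        # explicit, recorded exception for an unsigned image
            digest = verify(ref, rule["validator"])
            if digest is None:
                return _response(req["uid"], False,
                                 f"{ref}: no valid signature for validator {rule['validator']!r}")
            pinned = f"{ref.name}@{digest}"   # run exactly what was verified, not the tag
            if container["image"] != pinned:
                patches.append({"op": "replace", "path": f"/spec/{field}/{idx}/image", "value": pinned})
    return _response(req["uid"], True, patches=patches)


class DemoSignatureStore:
    """Constructed stand-in for the registry + cosign verification steps.

    A real verifier resolves the tag to a manifest digest at the registry and
    checks for a signature by the trusted key over that digest.
    """
    def __init__(self, tag_to_digest: dict, signed: set):
        self.tag_to_digest = tag_to_digest   # {"registry/repo:tag": "sha256:..."}
        self.signed = signed                 # {(validator_name, "sha256:...")}

    def verify(self, ref: ImageRef, validator: str) -> Optional[str]:
        digest = ref.digest or self.tag_to_digest.get(f"{ref.name}:{ref.tag}")
        if digest is None:
            return None
        return digest if (validator, digest) in self.signed else None


SIGNED_DIGEST = "sha256:" + "ab" * 32     # constructed value
UNSIGNED_DIGEST = "sha256:" + "cd" * 32   # constructed value
DEMO_STORE = DemoSignatureStore(
    tag_to_digest={"ghcr.io/example/app:1.2.3": SIGNED_DIGEST,
                   "ghcr.io/example/app:1.2.4": UNSIGNED_DIGEST},
    signed={("default", SIGNED_DIGEST)},
)
POLICY = [
    {"pattern": "*:*", "validator": "default"},                     # everything needs a signature
    {"pattern": "docker.io/library/busybox:*", "validator": "allow"},  # documented exception
]


def make_review(uid: str, images: list, field: str = "containers") -> dict:
    """Constructed AdmissionReview for a Pod whose containers use the given images."""
    containers = [{"name": f"c{i}", "image": img} for i, img in enumerate(images)]
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "request": {"uid": uid, "object": {"kind": "Pod", "spec": {field: containers}}}}


def decoded_patches(resp: dict) -> list:
    p = resp["response"].get("patch")
    return json.loads(base64.b64decode(p)) if p else []


if __name__ == "__main__":
    ok = review_pod(make_review("1", ["ghcr.io/example/app:1.2.3", "busybox:1.36"]), POLICY, DEMO_STORE.verify)
    print(ok["response"]["allowed"], decoded_patches(ok))
    bad = review_pod(make_review("2", ["ghcr.io/example/app:1.2.4"]), POLICY, DEMO_STORE.verify)
    print(bad["response"]["allowed"], bad["response"]["status"]["message"])
```

Pinning to the verified digest is the step that makes the check meaningful: a tag can be re-pointed between admission and the kubelet's pull, so mutating the Pod to name@digest ensures the image that runs is the one whose signature was checked. In a cluster, review_pod would sit behind a TLS handler registered through a MutatingWebhookConfiguration with failurePolicy: Fail, so that an outage of the webhook does not silently admit unverified images.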