Closed chipzoller closed 2 years ago
@chipzoller - would it be possible to detect if a container layer tries to replace something in a base image?
In the manifest, there's a layers object which contains size and digest info, so you could conceivably compare a reference image's specific layer to another version and see if there's divergence.
```
$ crane manifest ghcr.io/kyverno/kyverno-annotations-example:latest | jq
{
  "schemaVersion": 2,
  "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
  "config": {
    "mediaType": "application/vnd.docker.container.image.v1+json",
    "size": 945,
    "digest": "sha256:8cbb1e98c14b1aadac527cc6e1cbe116e18d2710babdd2ceae3d84ad9affc7bd"
  },
  "layers": [
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 2479,
      "digest": "sha256:2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54"
    }
  ],
  "annotations": {
    "org.opencontainers.image.base.name": "index.docker.io/library/hello-world:latest",
    "org.opencontainers.image.source": "https://github.com/kyverno/kyverno-examples"
  }
}
```
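The layer comparison described above, as an added example (not code from the issue or from Kyverno): given the manifest of the image named in `org.opencontainers.image.base.name` and the manifest of the derived image, it checks that every base layer appears unchanged, in order, at the front of the derived image's layer list. The manifests are constructed inline; only the first layer digest is the one from the page, the others are placeholders.

```python
import json

# Constructed base-image manifest; the layer digest is the one shown on the page.
BASE_MANIFEST = json.loads("""
{"schemaVersion": 2, "layers": [
  {"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", "size": 2479,
   "digest": "sha256:2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54"}]}
""")

# Constructed derived image: base layer untouched, one placeholder layer added on top.
GOOD_IMAGE_MANIFEST = json.loads("""
{"schemaVersion": 2, "layers": [
  {"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", "size": 2479,
   "digest": "sha256:2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54"},
  {"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", "size": 1111,
   "digest": "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}]}
""")

# Constructed derived image whose bottom layer no longer matches the declared base.
REBASED_IMAGE_MANIFEST = json.loads("""
{"schemaVersion": 2, "layers": [
  {"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", "size": 2479,
   "digest": "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"},
  {"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", "size": 1111,
   "digest": "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}]}
""")


def layer_identities(manifest):
    """(digest, size) pairs in layer order; both fields must match for a layer to count as the same."""
    return [(layer["digest"], layer["size"]) for layer in manifest["layers"]]


def check_base_layers(base_manifest, image_manifest):
    """Return (ok, detail). ok is True only if the base's layers are an exact prefix of the image's."""
    base_layers = layer_identities(base_manifest)
    image_layers = layer_identities(image_manifest)
    if len(image_layers) < len(base_layers):
        return False, "image has fewer layers than its declared base"
    for idx, (b, im) in enumerate(zip(base_layers, image_layers)):
        if b != im:
            return False, f"layer {idx} diverges from base: {b[0][:19]}... vs {im[0][:19]}..."
    added = len(image_layers) - len(base_layers)
    return True, f"{len(base_layers)} base layer(s) intact, {added} layer(s) added on top"


if __name__ == "__main__":
    print(check_base_layers(BASE_MANIFEST, GOOD_IMAGE_MANIFEST))
    print(check_base_layers(BASE_MANIFEST, REBASED_IMAGE_MANIFEST))
```

This catches a replaced or rebuilt base layer, not a later layer that overwrites base files, which only shows up in the layer tar contents; for a multi-platform image, resolve the index to the per-platform manifest first.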
Several new policies can be created based on PR https://github.com/kyverno/kyverno/pull/2946, some of which come from the Proof Manifests.
Resolve image to its digest
Any Pod can be used, ex.,
Block images with volumes
Bad
Good
Block large images
Bad
Good
Only trustworthy registries with root users
Bad
Good
Check NVIDIA GPU is built in image
Bad (blocked)
Good (allowed)
Require image source
Good (allowed)
Bad (blocked)