Sign docker images

[theodor-franke]

To enable a full chain of trust and verify the docker image it would be relay beneficial that you sign your images.
Google distroless images for example are signed using cosign. Link to google distroless verification instruction

[karianna]

@d3r3kk - What is the std practice for MSFT images here?

[d3r3kk]

This is indeed something that MSFT does internally, and we will adopt the practice over the coming month or so. @Luigi96 may be able to get to it with our team.

[joe-braley]

The current iteration of our images should be signed. Their signatures can be discovered using the following command:

If there is any issues observed, please let us know!

[karianna]

^^ @theodor-franke

[janigabor]

Indeed, the signature can be discovered with oras. Not sure however how to verify the signature? Notation seems not to be able to find the signatures.

[karianna]

@joe-braley Can you confirm the verification steps and whether we have that listed on our docs page (download area).

[janigabor]

Pulling the image with content trust turned on without any additional settings does not work either:

Any documentation regarding verifying the signatures would be greatly appreciated

[joe-braley]

Hey folks! I have reviewed our recommended process to verify the signatures. Please follow the steps below:

Verifying Microsoft's build of OpenJDK image signatures:

• What you will need:
  • Notation CLI
  • msft_supply_chain.crt
  • Download and save to your local machine (e.g., msft_supply_chain.crt)

• Steps:

  • Add the certificate to the trust store.

    notation cert add --type ca --store supplychain msft_supply_chain.crt

  • Configure trust policies.
  • Create a trustpolicy.json with the following content:

    {
        "version": "1.0",
        "trustPolicies": [
            {
                "name": "supplychain",
                "registryScopes": [ "mcr.microsoft.com/openjdk/jdk" ],
                "signatureVerification": {
                    "level" : "strict"
                },
                "trustStores": [ "ca:supplychain" ],
                "trustedIdentities": [
                    "x509.subject: CN=Microsoft SCD Products RSA Signing,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US"
                ]
            }
        ]
    }

  • Import the trust policy.

    notation policy import trustpolicy.json

  • Verify the image.

    export NOTATION_EXPERIMENTAL=1 # must be set!
    notation verify --allow-referrers-api mcr.microsoft.com/openjdk/jdk:11-mariner

  You then should see the following output

Please let us know if there are any issues with the content above!

[karianna]

Once verified, @brunoborges to determine if we add this to our official doc set.

[janigabor]

I was able to verify the images using the provided documentation, thank you.