Image Signing and Verification
Image signing attaches a cryptographic signature to an image's manifest digest, giving the cluster proof that a specific, immutable image came from the holder of the signing key (or, with keyless signing, from a specific OIDC identity) and has not changed since it was signed. Because the signature covers the digest rather than a mutable tag, an image that is swapped or modified in a compromised registry, or altered in transit, fails verification; signing does not prevent those attacks, it makes them detectable at deploy time. The cost is key management (or an OIDC trust relationship with the identity provider) and changes to the build and deployment process.
Sigstore is an open-source framework for keyless signing. The signer authenticates to an OIDC provider, Fulcio issues a short-lived certificate binding that identity to an ephemeral key pair, the signature and certificate are recorded in the Rekor transparency log, and the private key is discarded. There is no long-lived key to store or rotate, and the transparency log gives an auditable record of what was signed and by whom. Cosign, the Sigstore signing client, works with existing registries and stores signatures as OCI artifacts alongside the image, so the image itself is unchanged and verification can be added to a pipeline without re-publishing images.
```yaml
# Cosign signature verification policy for the Sigstore policy-controller.
# A ClusterImagePolicy has one list of image globs and one list of
# authorities that applies to all of them, so different trust rules for
# different registries need separate policies.
apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: production-image-policy
spec:
  images:
    - glob: "registry.company.com/production/*"
  authorities:
    # Key authority: signatures made with the matching private key.
    # The PEM below is truncated in the original.
    - key:
        data: |
          -----BEGIN PUBLIC KEY-----
          MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1nkqwbJtD7bKrFmwf/lHh2AL
          -----END PUBLIC KEY-----
    # Keyless authority: a Fulcio certificate whose OIDC issuer and
    # subject match exactly, with the signature recorded in Rekor.
    - keyless:
        url: https://fulcio.sigstore.dev
        identities:
          - issuer: https://github.com/login/oauth
            subject: "[email protected]"  # address is mangled in the original
      ctlog:
        url: https://rekor.sigstore.dev
---
# Illustrative policy for images pulled from Docker Hub; the policy name is
# a placeholder.
apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: dockerhub-library-policy
spec:
  images:
    - glob: "docker.io/library/*"
  authorities:
    - keyless:
        url: https://fulcio.sigstore.dev
        identities:
          # GitHub Actions tokens carry a workflow URL as the subject; subject
          # is an exact match, so a prefix match needs subjectRegExp.
          - issuer: https://token.actions.githubusercontent.com
            subjectRegExp: "^https://github.com/docker-library/.*"
      ctlog:
        url: https://rekor.sigstore.dev
---
# Policy-controller configuration: an image that no ClusterImagePolicy
# covers is denied rather than silently allowed.
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-policy-controller
  namespace: cosign-system
data:
  no-match-policy: "deny"
---
# Example deployment of a signed image. Nothing about the signature appears
# in the Deployment: cosign stores it in the registry next to the image,
# under the tag sha256-<hex digest>.sig, and the admission webhook fetches
# it from there. The namespace must carry the label
# policy.sigstore.dev/include: "true" or policy-controller ignores it.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: signed-app
  namespace: production
spec:
  replicas: 3
  selector:
    matchLabels:
      app: signed-app
  template:
    metadata:
      labels:
        app: signed-app
    spec:
      containers:
        - name: app
          # Pin by digest: the signature covers the manifest digest, not the tag
          image: registry.company.com/production/app:v1.2.3@sha256:abc123...
          imagePullPolicy: Always
```
Admission controllers enforce signature verification before a pod's image is allowed to run. Sigstore's policy-controller consumes the ClusterImagePolicy above and, by default, only inspects namespaces labelled policy.sigstore.dev/include: "true", so an unlabelled namespace is not checked at all. Kyverno (its verifyImages rule), OPA Gatekeeper (through an external data provider that performs the cosign verification), and Portieris offer comparable enforcement. Scoping by namespace, together with a warn-only mode such as spec.mode: warn in a ClusterImagePolicy, allows signature requirements to be rolled out gradually, and images should be pinned by digest so that the artifact that was verified is the artifact that runs.
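The following is an added example, not code from the page, cosign or policy-controller. It is a Go program that builds the payload cosign signs, signs it with an ECDSA P-256 key, and then makes the admission decision described above: a digest-pinned image is admitted only if a policy glob matches it and one of that policy's keys verifies a signature over that exact digest, while the same signature presented for a different digest, a tag-only reference, an untrusted key, or an image no policy covers is rejected. The key, image names and digests are constructed for the demo; path.Match stands in for policy-controller's own glob syntax, and keyless verification (Fulcio certificate chain, Rekor inclusion) is omitted.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"path"
	"strings"
)

// SimpleSigning is the JSON payload cosign signs; the digest inside it ties
// the signature to one immutable image rather than to a mutable tag.
type SimpleSigning struct {
	Critical struct {
		Identity struct{ DockerReference string `json:"docker-reference"` } `json:"identity"`
		Image    struct{ DockerManifestDigest string `json:"docker-manifest-digest"` } `json:"image"`
		Type     string `json:"type"`
	} `json:"critical"`
}

// GenerateKey returns a throwaway P-256 key, cosign's default key type.
func GenerateKey() *ecdsa.PrivateKey {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv
}

// NewPayload builds the payload for a repository and the digest being signed.
func NewPayload(repo, digest string) []byte {
	var p SimpleSigning
	p.Critical.Identity.DockerReference = repo
	p.Critical.Image.DockerManifestDigest = digest
	p.Critical.Type = "cosign container image signature"
	b, _ := json.Marshal(p) // fixed struct of strings, cannot fail
	return b
}

// Sign returns the base64 ASN.1 ECDSA signature over SHA-256(payload), the
// form cosign stores in the registry under the sha256-<hex>.sig tag.
func Sign(priv *ecdsa.PrivateKey, payload []byte) string {
	h := sha256.Sum256(payload)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, h[:])
	if err != nil {
		panic(err)
	}
	return base64.StdEncoding.EncodeToString(sig)
}

// Verify checks the signature under a trusted key, then that the digest the
// signer vouched for is the digest about to run (anything else is a replay).
func Verify(pub *ecdsa.PublicKey, payload []byte, sigB64, wantDigest string) error {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	h := sha256.Sum256(payload)
	if err != nil || !ecdsa.VerifyASN1(pub, h[:], sig) {
		return fmt.Errorf("signature does not verify under the trusted key")
	}
	var p SimpleSigning
	if err := json.Unmarshal(payload, &p); err != nil {
		return fmt.Errorf("bad payload: %w", err)
	}
	if got := p.Critical.Image.DockerManifestDigest; got != wantDigest {
		return fmt.Errorf("signed digest %s != deployed digest %s", got, wantDigest)
	}
	return nil
}

// Policy is a reduced ClusterImagePolicy: one image glob plus its key authorities.
type Policy struct {
	Glob string
	Keys []*ecdsa.PublicKey
}

func NewPolicy(glob string, keys ...*ecdsa.PublicKey) Policy { return Policy{glob, keys} }

// Admit mirrors the admission decision: the image must be digest-pinned, the
// first policy whose glob matches must hold a key that verifies the signature,
// and an image no policy covers is denied (no-match-policy: deny).
func Admit(policies []Policy, image string, payload []byte, sigB64 string) error {
	name, digest, ok := strings.Cut(image, "@")
	if !ok || !strings.HasPrefix(digest, "sha256:") || len(digest) != len("sha256:")+64 {
		return fmt.Errorf("%s is not pinned to a sha256 digest", image)
	}
	for _, pol := range policies {
		if matched, _ := path.Match(pol.Glob, name); !matched {
			continue
		}
		for _, key := range pol.Keys {
			if Verify(key, payload, sigB64, digest) == nil {
				return nil
			}
		}
		return fmt.Errorf("%s matched %q but no authority verified it", image, pol.Glob)
	}
	return fmt.Errorf("no policy matches %s; denied by no-match-policy", image)
}
```

Exercise it with go test or a small main that calls GenerateKey, NewPayload, Sign and Admit on a constructed image reference. The replay case is the reason the policy and the Deployment both work in digests: a signature transplanted from a legitimately signed image onto a different one passes the ECDSA check but fails the digest comparison, and a tag-only reference is refused before any verification because there is no digest to bind the signature to.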