Support for sigstore certificate signing

Author: Flavio Castelli



Secure supply chain is one of the hottest topics right now. Many organizations are implementing strategies to verify the provenance of their software starting from the development phase up to the deployment in production.

Sigstore is an open source project that makes incredibly easy to sign and verify assets. Lots of open source projects and organizations are using it to sign and verify their container images, system packages and any kind of binary artifact. It’s no secret we are Sigstore enthusiasts.

We are using Sigstore to sign and verify our whole software stack, we are maintainers of the official Rust SDK, we are exposing its capabilities to policy authors and, finally, we have been providing a Kubewarden policy that can be used to verify the container images allowed into a Kubernetes cluster.

Sigstore supports different signing mechanisms. Today we’re happy to announce that Kubewarden is now exposing all the primitives required to verify signatures produced with user-defined certificates. At signature time, these certificates can be read from the local file system or, more interestingly, could be used by a hardware token (like a Yubikey) or by a KMS.

With this addition, Kubewarden can verify these the signatures produced in those ways.

Required versions

Certificate based verification is available starting from these releases:

Certificate verification in action

Certificate based verification is now available to all our policy authors. However there’s no need to write any code, since we’ve extended our verify-image-signatures policy to support this new type of verification.

The following snippet shows how to ensure that all the container images coming from registry.example.org/project-safety have been signed by both Alice and Bob:

apiVersion: policies.kubewarden.io/v1
kind: ClusterAdmissionPolicy
  name: verify-image-signatures
  module: ghcr.io/kubewarden/policies/verify-image-signatures:v0.1.7
  - apiGroups: ["", "apps", "batch"]
    apiVersions: ["v1"]
    resources: ["pods", "deployments", "statefulsets", "replicationcontrollers", "jobs", "cronjobs"]
    - CREATE
    - UPDATE
  mutating: true
    - image: "registry.example.org/project-safety/*"
      - |
        -----BEGIN CERTIFICATE-----
        Alice's cert
        -----END CERTIFICATE-----        
      - |
        -----BEGIN CERTIFICATE-----
        Bob's cert
        -----END CERTIFICATE-----        
      - |
        -----BEGIN CERTIFICATE-----
        <intermediate cert>
        -----END CERTIFICATE-----        
      - |
        -----BEGIN CERTIFICATE-----
        <root CA>
        -----END CERTIFICATE-----        
      requireRekorBundle: true

This will make sure that images like registry.example.org/project-safety/micro-svc-shopping-cart:v1.0.0 and registry.example.org/project-safety/micro-svc-search:v1.2.0 are signed by Alice and Bob.

Breaking changes to the “verify-image-signature” policy

Starting from version v0.2.0 of the “verify-image-signature”, all the policy settings are going to use the camelCase naming convention.

This means the following configuration keys changed their ID:

  • Keyless verification produced by GitHub: github_actionsgithubActions
  • Keyless verification using a subject prefix:
    • url_prefixurlPrefix
    • keyless_prefixkeylessPrefix

Call for action

That’s all for today, it’s time to give these changes a try!

Feel free to reach out to us if you have any questions or want to share your feedback!