Kyverno Image Verification: Sigstore and Supply Chain Security

1. verifyImages Rule Overview

Kyverno's verifyImages rule verifies container image signatures and attestations to strengthen supply chain security.

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: verify-images
spec:
  validationFailureAction: Enforce
  rules:
    - name: verify-signature
      match:
        any:
          - resources:
              kinds:
                - Pod
      verifyImages:
        - imageReferences:
            - 'ghcr.io/myorg/*'
          attestors:
            - entries:
                - keys:
                    publicKeys: |-
                      -----BEGIN PUBLIC KEY-----
                      ...
                      -----END PUBLIC KEY-----

2. Cosign Signature Verification

2.1 Static Key

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    attestors:
      - entries:
          - keys:
              publicKeys: |-
                -----BEGIN PUBLIC KEY-----
                ...
                -----END PUBLIC KEY-----

2.2 Keyless Signing (Fulcio)

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    attestors:
      - entries:
          - keyless:
              url: https://fulcio.sigstore.dev
              rekor:
                url: https://rekor.sigstore.dev
              subject: 'https://github.com/myorg/*'
              issuer: 'https://token.actions.githubusercontent.com'

2.3 KMS Keys

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    attestors:
      - entries:
          - keys:
              # Reference the signing key by KMS URI; the private key never leaves the KMS
              kms: awskms:///arn:aws:kms:us-east-1:123456789:key/abc-123

3. Attestation Verification

3.1 SLSA Provenance

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    attestations:
      - type: https://slsa.dev/provenance/v1
        attestors:
          - entries:
              - keyless:
                  url: https://fulcio.sigstore.dev
                  subject: 'https://github.com/myorg/*'
                  issuer: 'https://token.actions.githubusercontent.com'
        conditions:
          - all:
              - key: '{{ buildDefinition.buildType }}'
                operator: Equals
                value: 'https://slsa-framework.github.io/github-actions-buildtypes/workflow/v1'

4. SBOM Verification

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    attestations:
      - type: https://cyclonedx.org/bom/v1.4
        attestors:
          - entries:
              - keyless:
                  subject: 'https://github.com/myorg/*'
                  issuer: 'https://token.actions.githubusercontent.com'
        conditions:
          - all:
              # JMESPath over the SBOM predicate: reject images that ship log4j-core 2.14.1
              - key: "{{ components[?name=='log4j-core'].version | [0] }}"
                operator: NotEquals
                value: '2.14.1'

5. Image Mutation

verifyImages:
  - imageReferences:
      - 'ghcr.io/myorg/*'
    mutateDigest: true # Rewrite tag references to the verified image digest
    required: true # Reject the image if no signature is found
    verifyDigest: true # Require the image reference to carry a digest

6. Summary

  1. Cosign signature verification: Static key, Keyless (Fulcio), KMS support
  2. Attestation verification: in-toto, SLSA provenance condition-based verification
  3. SBOM verification: Check vulnerable components in CycloneDX/SPDX attestations
  4. Digest mutation: Ensure image immutability with mutateDigest
  5. Comprehensive policies: Combine registry restrictions + tag policies + signature verification
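A single ClusterPolicy combining the three controls listed in item 5 (registry restriction, tag policy, signature verification), as an added example that is not from the original post; it assumes the same ghcr.io/myorg registry and GitHub Actions signing identity used above, and sets background: false because verifyImages rules are evaluated only at admission.

```yaml
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: supply-chain-baseline
spec:
  validationFailureAction: Enforce
  background: false
  rules:
    # 1. Registry restriction: only images from the org registry are admitted
    - name: restrict-registry
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Images must come from ghcr.io/myorg/"
        pattern:
          spec:
            containers:
              - image: "ghcr.io/myorg/*"
    # 2. Tag policy: reject the mutable ':latest' tag so digest pinning is meaningful
    - name: disallow-latest-tag
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Images must not use the mutable 'latest' tag"
        pattern:
          spec:
            containers:
              - image: "!*:latest"
    # 3. Signature verification: keyless, pinned to the org's CI identity
    - name: verify-signature
      match:
        any:
          - resources:
              kinds:
                - Pod
      verifyImages:
        - imageReferences:
            - "ghcr.io/myorg/*"
          required: true      # unsigned images are rejected
          mutateDigest: true  # tags are rewritten to the verified digest
          verifyDigest: true
          attestors:
            - entries:
                - keyless:
                    subject: "https://github.com/myorg/*"
                    issuer: "https://token.actions.githubusercontent.com"
                    rekor:
                      url: https://rekor.sigstore.dev
```

The two pattern rules check only spec.containers; initContainers and ephemeralContainers need the same pattern (or a foreach over all three lists) to close the gap.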