
Conversation

@Racer159 (Contributor)

  • One-line PR description: Provide image signature verification support to Zarf directly so that image signatures can be validated before hitting a validating webhook implementation in cluster and feedback can be gathered sooner.
  • Other comments:

@Racer159 Racer159 force-pushed the 38-image-signature-verification branch from 9b49c2c to 79bceef Compare July 14, 2025 20:04
Signed-off-by: Wayne Starr <me@racer159.com>
@AustinAbro321 (Member) left a comment


Awesome job, a nit and a clarifying question


### Configuration Structure

The image signature verification feature will be implemented by adding a new `cosignOpts` field to the `package.create` section of the Zarf package configuration. This field will contain a map of glob patterns to verification options.
@AustinAbro321 (Member) Jul 16, 2025


Would we accept every option to verify an image that's under `cosign verify -h`?

@Racer159 (Contributor, Author) Aug 5, 2025


Yes, I think so - there are a decent number of them, but it would likely be clearer/cleaner to have a 1-1 mapping (not sure what the library code looks like for that, but hopefully there would be a way to just pull those opts straight from cosign).


This ZEP proposes adding image signature verification capabilities to Zarf for `images` that are signed with Cosign signatures. The proposal introduces a configurable mechanism that allows package creators to define registry-specific verification rules using glob pattern matching. This enhancement would enable Zarf to verify the authenticity and integrity of container images during package creation by checking their cryptographic signatures against specified certificates or public keys.

By implementing this feature, Zarf would provide stronger security guarantees for air-gapped environments where supply chain security is critical and would provide a mechanism to catch issues early in the package development process. The proposal includes support for both public key infrastructure and keyless verification methods, accommodating various security postures and compliance requirements across different operational environments.
Member

Appreciative of this feature - as you allude to - it begins to both challenge and strengthen the stance of supply chain security at different stages in a package lifecycle. The create stage is arguably the most important for detecting security violations before the artifact can ever enter the operating environment.

Zarf is positioned well to continue strengthening this pattern.

```yaml
package:
  create:
    cosignOpts:
```

Member

Is there any advantage to decoupling the higher-level workflow - signature verification - from the structure in configuration - cosignOpts ?

Said another way - do we think there is any evidence to support a generic configuration that can implement cosign today, but some other practices in the future? Or does coupling in this fashion provide the project with the ability to deprecate and pivot whole structures as needed?

@Racer159 (Contributor, Author) Aug 5, 2025

I think keeping it separate helps allow Zarf to respond to upstream changes more discretely - in the past cosign deprecated sget support, which Zarf had supported natively in its code - because that was relatively tightly integrated it became more work to deprecate and remove fully. Mapping the cosign opts in directly would allow them to change, and explicitly calling out cosign would allow opts for other libraries to be added alongside.

I did make a change for this to be `cosignVerifyOpts` though, since these options would be specific to cosign verification. This structure could be broken out in a different way though, potentially as something like:

```yaml
package:
  create:
    imageVerification:
      cosignOpts:
```

Member

I like `cosignVerifyOpts` better than `cosignOpts`.

I agree we should explicitly include the name cosign here, as there will be lots of options available to users and keeping things aligned to `cosign verify -h` will help user discovery.

Changing the structure to include `imageVerification` is an interesting idea. @brandtkeller Do you have examples in mind of another tool that validates images using a method that cosign doesn't? Either way, making the structure more generic could be good for future proofing.

Member

For posterity - I believe the addition of imageVerification in the structure captures the delineation between other areas of the package lifecycle where cosign options may be used or exposed. This could be the difference between options used for images and other options used for the package more broadly.

Doing so then also enables other options to be exposed that may be used by other libraries as mentioned.

Contributor, Author

Updated it to that field name instead.
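As an added illustration of the glob-pattern-to-options map described in the ZEP excerpt above, living under the `imageVerification.cosignVerifyOpts` field this thread settled on: this is example code written for this page, not Zarf's implementation, and the struct field names, the `match` helper and the longest-pattern-wins rule are all assumptions.

```go
package main

import (
	"fmt"
	"path"
	"sort"
	"strings"
)

// CosignVerifyOpts mirrors three `cosign verify` flags (--key, --certificate-identity,
// --certificate-oidc-issuer); the field names are assumed here, not Zarf's real schema.
type CosignVerifyOpts struct {
	Key, CertificateIdentity, CertificateOIDCIssuer string
}

// match applies path.Match glob rules but first maps '/' to '|' (never valid in an
// image reference) on both sides, so a '*' can span repository path segments.
func match(pattern, image string) bool {
	ok, err := path.Match(strings.ReplaceAll(pattern, "/", "|"), strings.ReplaceAll(image, "/", "|"))
	return err == nil && ok
}

// SelectPattern returns the most specific glob in opts matching an image reference:
// the longest matching pattern wins, ties are broken lexically for determinism.
func SelectPattern(image string, opts map[string]CosignVerifyOpts) (string, bool) {
	patterns := make([]string, 0, len(opts))
	for p := range opts {
		patterns = append(patterns, p)
	}
	sort.Slice(patterns, func(i, j int) bool { // longest first, then lexical
		return len(patterns[i]) > len(patterns[j]) || (len(patterns[i]) == len(patterns[j]) && patterns[i] < patterns[j])
	})
	for _, p := range patterns {
		if match(p, image) {
			return p, true
		}
	}
	return "", false
}

func main() {
	opts := map[string]CosignVerifyOpts{ // constructed sample, not a real Zarf package
		"*":                  {CertificateIdentity: "ci@example.com", CertificateOIDCIssuer: "https://token.actions.githubusercontent.com"},
		"ghcr.io/zarf-dev/*": {Key: "cosign.pub"},
	}
	for _, img := range []string{"ghcr.io/zarf-dev/zarf-agent:v0.50.0", "docker.io/library/nginx:1.27"} {
		p, _ := SelectPattern(img, opts)
		fmt.Printf("%s -> %q\n", img, p) // ghcr.io/zarf-dev/*, then *
	}
}
```

The ZEP excerpt does not say how overlapping globs are resolved, so the precedence rule is worth pinning down in the schema; note also that plain `path.Match` stops `*` at `/`, which is why a bare `*` catch-all needs the mapping shown here.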

@AustinAbro321 (Member)

We should record in the build data of the package which images were verified. Not sure if we'd also want to include the cosign verification method.

Signed-off-by: Wayne Starr <me@racer159.com>
@brandtkeller brandtkeller moved this to In progress in Zarf Oct 24, 2025