implementing-image-provenance-verification-with-cosign
Sign and verify container image provenance using Sigstore Cosign with keyless OIDC-based signing, attestations, and Kubernetes admission enforcement.
What this skill does
# Implementing Image Provenance Verification with Cosign ## Overview Cosign is a Sigstore tool for signing, verifying, and attaching metadata to container images and OCI artifacts. It supports both key-based and keyless (OIDC) signing, integrates with Fulcio (certificate authority) and Rekor (transparency log), and enables supply chain security for container images. ## When to Use - When deploying or configuring implementing image provenance verification with cosign capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Cosign CLI installed - Docker or Podman for building images - OCI-compliant container registry (Docker Hub, GHCR, GCR, ECR) - OIDC provider account (GitHub, Google, Microsoft) for keyless signing ## Installing Cosign ```bash # Install via Go go install github.com/sigstore/cosign/v2/cmd/cosign@latest # Install via Homebrew brew install cosign # Install via script curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64" sudo mv cosign-linux-amd64 /usr/local/bin/cosign sudo chmod +x /usr/local/bin/cosign # Verify installation cosign version ``` ## Key-Based Signing ### Generate Key Pair ```bash # Generate cosign key pair (creates cosign.key and cosign.pub) cosign generate-key-pair # Generate key pair stored in KMS cosign generate-key-pair --kms awskms:///alias/cosign-key cosign generate-key-pair --kms gcpkms://projects/PROJECT/locations/LOCATION/keyRings/KEYRING/cryptoKeys/KEY cosign generate-key-pair --kms hashivault://transit/keys/cosign ``` ### Sign Image with Key ```bash # Sign an image cosign sign --key cosign.key ghcr.io/myorg/myapp:v1.0.0 # Sign with annotations cosign sign --key cosign.key \ -a "build-id=12345" \ -a "git-sha=$(git rev-parse HEAD)" \ ghcr.io/myorg/myapp:v1.0.0 ``` ### Verify Image with Key ```bash # Verify signature cosign verify --key cosign.pub ghcr.io/myorg/myapp:v1.0.0 # Verify with annotation check cosign verify --key cosign.pub \ -a "build-id=12345" \ ghcr.io/myorg/myapp:v1.0.0 ``` ## Keyless Signing (OIDC) ### Sign with Keyless (Interactive) ```bash # Keyless sign - opens browser for OIDC auth cosign sign ghcr.io/myorg/myapp:v1.0.0 # The signature, certificate, and Rekor entry are created automatically ``` ### Sign with Keyless (CI/CD - Non-Interactive) ```bash # GitHub Actions (uses OIDC token automatically) cosign sign ghcr.io/myorg/myapp:v1.0.0 \ --yes # With explicit identity token cosign sign ghcr.io/myorg/myapp:v1.0.0 \ --identity-token=$(cat /var/run/sigstore/cosign/oidc-token) \ --yes ``` ### Verify Keyless Signature ```bash # Verify by email identity cosign verify ghcr.io/myorg/myapp:v1.0.0 \ [email protected] \ --certificate-oidc-issuer=https://accounts.google.com # Verify by GitHub Actions workflow cosign verify ghcr.io/myorg/myapp:v1.0.0 \ --certificate-identity=https://github.com/myorg/myrepo/.github/workflows/build.yml@refs/heads/main \ --certificate-oidc-issuer=https://token.actions.githubusercontent.com # Verify with regex matching cosign verify ghcr.io/myorg/myapp:v1.0.0 \ --certificate-identity-regexp=".*@example.com" \ --certificate-oidc-issuer=https://accounts.google.com ``` ## Attestations (SLSA Provenance) ### Attach SBOM Attestation ```bash # Generate SBOM syft ghcr.io/myorg/myapp:v1.0.0 -o cyclonedx-json > sbom.cdx.json # Attach SBOM as attestation cosign attest --key cosign.key \ --type cyclonedx \ --predicate sbom.cdx.json \ ghcr.io/myorg/myapp:v1.0.0 # Verify attestation cosign verify-attestation --key cosign.pub \ --type cyclonedx \ ghcr.io/myorg/myapp:v1.0.0 ``` ### Attach Vulnerability Scan Attestation ```bash # Run scan and save results grype ghcr.io/myorg/myapp:v1.0.0 -o json > vuln-scan.json # Attach scan results as attestation cosign attest --key cosign.key \ --type vuln \ --predicate vuln-scan.json \ ghcr.io/myorg/myapp:v1.0.0 ``` ### SLSA Provenance Attestation ```bash # Attach SLSA provenance cosign attest --key cosign.key \ --type slsaprovenance \ --predicate provenance.json \ ghcr.io/myorg/myapp:v1.0.0 # Verify SLSA provenance cosign verify-attestation --key cosign.pub \ --type slsaprovenance \ ghcr.io/myorg/myapp:v1.0.0 ``` ## CI/CD Integration ### GitHub Actions ```yaml name: Sign and Publish on: push: tags: ['v*'] permissions: contents: read packages: write id-token: write # Required for keyless signing jobs: build-sign: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: sigstore/cosign-installer@v3 - name: Login to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push id: build uses: docker/build-push-action@v5 with: push: true tags: ghcr.io/${{ github.repository }}:${{ github.ref_name }} - name: Sign image (keyless) run: | cosign sign --yes \ ghcr.io/${{ github.repository }}@${{ steps.build.outputs.digest }} - name: Generate and attach SBOM run: | syft ghcr.io/${{ github.repository }}@${{ steps.build.outputs.digest }} -o cyclonedx-json > sbom.json cosign attest --yes \ --type cyclonedx \ --predicate sbom.json \ ghcr.io/${{ github.repository }}@${{ steps.build.outputs.digest }} ``` ## Kubernetes Admission Enforcement ### Policy Controller (Sigstore) ```bash # Install policy-controller helm repo add sigstore https://sigstore.github.io/helm-charts helm install policy-controller sigstore/policy-controller \ --namespace cosign-system --create-namespace ``` ```yaml # Enforce signed images in namespace apiVersion: policy.sigstore.dev/v1beta1 kind: ClusterImagePolicy metadata: name: require-signed-images spec: images: - glob: "ghcr.io/myorg/**" authorities: - keyless: url: https://fulcio.sigstore.dev identities: - issuer: https://token.actions.githubusercontent.com subjectRegExp: "https://github.com/myorg/.*" ctlog: url: https://rekor.sigstore.dev ``` ### Kyverno Integration ```yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: name: verify-image-signature spec: validationFailureAction: Enforce rules: - name: verify-cosign-signature match: any: - resources: kinds: ["Pod"] verifyImages: - imageReferences: - "ghcr.io/myorg/*" attestors: - entries: - keyless: subject: "https://github.com/myorg/*" issuer: "https://token.actions.githubusercontent.com" rekor: url: https://rekor.sigstore.dev ``` ## Transparency Log (Rekor) ```bash # Search Rekor for image signatures rekor-cli search --email [email protected] # Get specific entry rekor-cli get --uuid <entry-uuid> # Verify entry inclusion cosign verify ghcr.io/myorg/myapp:v1.0.0 \ [email protected] \ --certificate-oidc-issuer=https://accounts.google.com ``` ## Best Practices 1. **Use keyless signing** in CI/CD for automated pipelines 2. **Sign by digest** not by tag for immutable references 3. **Attach SBOM attestations** alongside signatures 4. **Enforce signatures** at admission with policy-controller or Kyverno 5. **Use OIDC identity** verification instead of just key verification 6. **Store keys in KMS** (AWS KMS, GCP KMS, HashiCorp Vault) for key-based signing 7. **Verify the full chain**: signature + certificate + Rekor inclusion 8. **Include build metadata** as annotations on signatures
Related in Image & Video
watch
IncludedWatch a video (URL or local path). Downloads with yt-dlp, extracts auto-scaled frames with ffmpeg, pulls the transcript from captions (or Whisper API fallback), and hands the result to Claude so it can answer questions about what's in the video.
physical-ai-defect-image-generation
IncludedUse when the user wants to orchestrate defect image generation, run associated setup, or handle outputs on OSMO. The Day 0 path handles cold-start with USD-to-ROI, image-edit augmentation, and AnomalyGen to create initial PCBA datasets. The Day 1 path performs inference and labeling on real images. This skill helps with first-time asset setup, creation of finetuning checkpoints, and configuring deployment. Trigger keywords: defect image generation, dig workflow, dig pipeline, defect image detection workflow, aoi pipeline, aoi anomalygen, usd2roi anomalygen, day 0 pcba, day 1 pcba, day 1 real-photo alignment, day 1 manual roi, metal surface anomaly, glass defect, anomalygen finetune, setup_pcb, setup_metal, setup_glass, setup_pretrained, dig setup, dig datasets, dig pretrained checkpoint, dig image-edit endpoint.
accelint-react-best-practices
IncludedReact performance optimization and best practices. ALWAYS use this skill when working with any React code - writing components, hooks, JSX; refactoring; optimizing re-renders, memoization, state management; reviewing for performance; fixing hydration mismatches; debugging infinite re-renders, stale closures, input focus loss, animations restarting; preventing remounting; implementing transitions, lazy initialization, effect dependencies. Even simple React tasks benefit from these patterns. Covers React 19+ (useEffectEvent, Activity, ref props). Triggers - useEffect, useState, useMemo, useCallback, memo, inline components, nested components, components inside components, re-render, performance, hydration, SSR, Next.js, useDeferredValue, combined hooks.
elevenlabs-agents
IncludedBuild conversational AI voice agents with ElevenLabs Platform using React, JavaScript, React Native, or Swift SDKs. Configure agents, tools (client/server/MCP), RAG knowledge bases, multi-voice, and Scribe real-time STT. Use when: building voice chat interfaces, implementing AI phone agents with Twilio, configuring agent workflows or tools, adding RAG knowledge bases, testing with CLI "agents as code", or troubleshooting deprecated @11labs packages, Android audio cutoff, CSP violations, dynamic variables, or WebRTC config. Keywords: ElevenLabs Agents, ElevenLabs voice agents, AI voice agents, conversational AI, @elevenlabs/react, @elevenlabs/client, @elevenlabs/react-native, @elevenlabs/elevenlabs-js, @elevenlabs/agents-cli, elevenlabs SDK, voice AI, TTS, text-to-speech, ASR, speech recognition, turn-taking model, WebRTC voice, WebSocket voice, ElevenLabs conversation, agent system prompt, agent tools, agent knowledge base, RAG voice agents, multi-voice agents, pronunciation dictionary, voice speed control, elevenlabs scribe, @11labs deprecated, Android audio cutoff, CSP violation elevenlabs, dynamic variables elevenlabs, case-sensitive tool names, webhook authentication
humanizer
IncludedHumanize AI-generated text by detecting and removing patterns typical of LLM output. Rewrites text to sound natural, specific, and human. Uses 28 pattern detectors, 560+ AI vocabulary terms across 3 tiers, and statistical analysis (burstiness, type-token ratio, readability) for comprehensive detection. Use when asked to humanize text, de-AI writing, make content sound more natural/human, review writing for AI patterns, score text for AI detection, or improve AI-generated drafts. Covers content, language, style, communication, and filler categories.
generating-mermaid-diagrams
IncludedSalesforce architecture diagrams using Mermaid with ASCII fallback. Use this skill when generating text-based diagrams for Salesforce architecture, OAuth flows, ERDs, integration sequences, or Agentforce structure. TRIGGER when: user says "diagram", "visualize", "ERD", or asks for sequence diagrams, flowcharts, class diagrams, or architecture visualizations in Mermaid. DO NOT TRIGGER when: user wants PNG/SVG image output (use generating-visual-diagrams), or asks about non-Salesforce systems.