First Cosign Image Signing
Sign and verify.
Overview
The first Cosign image signing moves supply-chain security from theory to practice. Scanner choice gets most of the attention, but signed images are what produce real provenance, and provenance is what regulators and supply-chain attackers both care about.
- Sign and verify. Per-image cryptographic signature; the image carries proof of who built it.
- Keyless signing. OIDC-backed keyless signatures; no static keys to lose; the modern Sigstore default.
- Per-image attestation. Per-image build attestation; the chain from source commit to deployed image is auditable.
- Verification at admission plus SBOM. Per-cluster admission policy enforces signatures; per-image SBOM supports compliance.
The approach
The practical approach: keyless signing in CI, admission-time verification in clusters, SBOM attached per image, documented verification policy. The team’s discipline produces real provenance instead of theatre.
- Keyless signing. cosign sign --keyless; OIDC-backed; no key management; the CI pipeline signs as itself.
- Per-image attestation. Build attestation per image; the source commit, builder, and pipeline are recorded.
- Verification at admission. Per-cluster Sigstore policy controller; unsigned or unauthorised images are blocked at deploy.
- SBOM attached. Per-image SBOM; the inventory of dependencies travels with the image.
- Document the policy. Per-cluster verification policy committed to the repo; supports operational reviews and audit.
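The five steps above as one CI script, added here as an example rather than code from the page or from the Sigstore project: the job refuses anything but a digest-pinned image reference, signs keylessly, attaches an SBOM attestation, verifies both against one pinned OIDC identity, and renders the policy-controller ClusterImagePolicy from the same issuer and identity so the cluster trusts exactly what CI verified. It assumes cosign v2 (keyless is the default when no key is supplied), syft for the SBOM, GitHub Actions as the OIDC issuer, and the public Sigstore Fulcio/Rekor instances; the registry, organisation, workflow name and policy path are placeholders.

```shell
#!/usr/bin/env bash
# Added example, not the page's or Sigstore's own code. Assumes cosign v2, syft,
# and a GitHub Actions OIDC token; every host, org and workflow name is a placeholder.
set -eu

OIDC_ISSUER="https://token.actions.githubusercontent.com"
# In keyless mode the trust anchor is the certificate identity; this regexp pins it
# to one release workflow on version tags, not to "anyone at the issuer".
IDENTITY_RE='^https://github\.com/example-org/example-app/\.github/workflows/release\.yml@refs/tags/v.+$'
IMAGE_GLOB="registry.example.com/example-org/**"

# Refuse tag-only references: a tag can be re-pointed after signing, a digest cannot.
require_digest_ref() {
  if printf '%s\n' "$1" | grep -Eq '^[^@]+@sha256:[0-9a-f]{64}$'; then
    return 0
  fi
  echo "refusing non-digest image reference: $1" >&2
  return 1
}

# Keyless sign: cosign exchanges the job's OIDC token for a short-lived Fulcio
# certificate and records the signature in Rekor; --yes skips the interactive prompt.
sign_image() {
  cosign sign --yes "$1"
}

# Build an SPDX SBOM and attach it as an in-toto attestation, signed the same way,
# so the dependency inventory travels with the image.
attest_sbom() {
  syft "$1" -o spdx-json > sbom.spdx.json
  cosign attest --yes --type spdxjson --predicate sbom.spdx.json "$1"
}

# Verify signature and SBOM attestation against the pinned identity before the
# image is promoted: a signer outside this workflow fails here, not in production.
verify_image() {
  cosign verify \
    --certificate-oidc-issuer "$OIDC_ISSUER" \
    --certificate-identity-regexp "$IDENTITY_RE" "$1" > /dev/null
  cosign verify-attestation --type spdxjson \
    --certificate-oidc-issuer "$OIDC_ISSUER" \
    --certificate-identity-regexp "$IDENTITY_RE" "$1" > /dev/null
}

# Render the admission policy from the same issuer/identity so CI verification and
# cluster admission cannot drift apart; the output is committed to the repo.
render_cluster_policy() {
  cat <<EOF
apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: require-release-workflow-signature
spec:
  mode: enforce
  images:
    - glob: "${IMAGE_GLOB}"
  authorities:
    - keyless:
        url: https://fulcio.sigstore.dev
        identities:
          - issuer: ${OIDC_ISSUER}
            subjectRegExp: '${IDENTITY_RE}'
      ctlog:
        url: https://rekor.sigstore.dev
      attestations:
        - name: sbom-attached
          predicateType: spdxjson
EOF
}

# CI entry point: IMAGE_REF is the digest-pinned reference of the image just pushed.
if [ -n "${IMAGE_REF:-}" ]; then
  require_digest_ref "$IMAGE_REF"
  sign_image "$IMAGE_REF"
  attest_sbom "$IMAGE_REF"
  verify_image "$IMAGE_REF"
  mkdir -p policy
  render_cluster_policy > policy/cluster-image-policy.yaml
fi
```

The policy only takes effect in namespaces labelled for the policy controller (`policy.sigstore.dev/include: "true"`), and the `attestations` entry means an image with a valid signature but no SBOM attestation is still rejected, which is the behaviour the "SBOM attached" step calls for.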
Why this compounds
Cosign discipline compounds across releases. Each signed image produces provenance; the team’s supply-chain posture grows; supply-chain attacks become detectable instead of silent.
- Better supply-chain security. Verified images produce real provenance; unauthorised images are blocked at admission.
- Better compliance. SBOM matches enterprise frameworks; SOC 2 and SLSA evidence collection becomes mechanical.
- Better incident response. Per-image audit trail; the source of a compromised image is traceable in seconds.
- Institutional knowledge. Each signature teaches supply-chain patterns; the team’s security muscle grows.
Cosign discipline is a security discipline that pays off across years. Nova AI Ops integrates with supply-chain telemetry, surfaces patterns, and supports the team’s security discipline.