SLSA and Artifact Signing with Sigstore
Implementing build provenance and cosign signatures for container images and release binaries.
SLSA and Artifact Signing with Sigstore
SLSA levels (simplified)
| Level | Requirement |
|---|---|
| L1 | Build scripted / automated |
| L2 | Signed provenance, hosted build |
| L3 | Hardened build platform, non-falsifiable provenance |
Cosign signing flow
# Sign image after build
cosign sign --key awskms://alias/cosign myregistry/app:v1.2.3
# Verify at deploy time (admission webhook or deploy script)
cosign verify --key awskms://alias/cosign myregistry/app:v1.2.3Provenance attestation
GitHub Actions can emit SLSA provenance linking:
- Git commit SHA
- Workflow file
- Builder identity
- Artifact digest
Store attestations alongside image in OCI registry.
Policy
Production deploy pipeline rejects images without:
- Valid cosign signature from trusted key
- Provenance matching allowed repository and branch
- Passing vulnerability scan on same digest