
Consider sigstore integration

Open vadorovsky opened this issue 3 years ago • 0 comments

We are getting sigstore integration in kubewarden, which is really good news, because we will be able to enforce image verification on Kubernetes clusters!

But that brings a question - should we somehow verify sigstore signatures in lockc as well? There are two reasons why it might be a good idea:

  • making sure that no one modified the image after admission and before container runtime actually starts a container - to exclude MITM scenarios on nodes
  • that would easily bring sigstore support for local container runtimes (docker, podman)

Topics to research:

  • [ ] What could the integration look like?
  • [ ] Is lockc really a good place to do that? After all, lockc is meant to be a BPF LSM engine. sigstore might be far away from that area. Maybe it would make more sense to have a separate project for sigstore? Maybe some OCI hook? But on the other hand, maybe widening the topics of interest of lockc would be good, and even a separate OCI hook would be easy to include? Think about all pros and cons.

/cc @agracey

vadorovsky, Oct 12 '21 12:10