Idea: Sigining Container Images with Cosign, 2021-09-08
📅 Proposed Date
Pick all which apply.
- Cloud Native
Signing container images on container systems provide a means of validating where a container image came from, checking that the image has not been tampered with, and setting policies to determine which validated images you will allow to be pulled to your systems.
This is also important in Security Supply Chains to control that you only used verified Data.
- What is container signing ?
- How does Container Signing works?
- Signing an OCI Image on your Machine
- Signing an OCI Image in GitLab CI/CD
- Validate Container Images before they will be started in Kubernetes
✍ Relevant URLs
Can you prepare slides, live demo, a short story or a blog post? Pick all that apply.
- Live demo
- Blog post
- Others: Please specify