Where Do I Sign? Step-by-step Sigstore Adoption

These Supply Chains Ain’t Gonna Secure Themselves

Signing and verifying your code, build system, and artifacts is one of the most effective mitigations you can take against supply chain security attacks. Sigstore provides the open source community with free infrastructure for code signing, in the spirit of LetsEncrypt, but for code signing. Using Sigstore, we can iteratively improve our supply chain security, starting with signed attestations and moving toward signed provenance to protect the build.

Where Do I Sign?

With Sigstore there are multiple places you can sign your artifacts:

• You can sign commits to your code repository

• You can sign from the build system to provide build provenance

• You can sign production container images, blobs,or artifacts

But there isn’t much guidance on which of these you should start with on your journey toward a more secure supply chain. As with most things, “it depends”, on your threat model and what you’re trying to protect.

Ranging from simple to complexity of adoption, we can employ git signing. Then we can level up to signing build artifacts. Lastly, we can focus on protecting the build system itself.

Commit Signing

If you want to protect your codebase from tampering or impersonation, you can verify the authenticity of the developer commits using git signing. Sigstore’s gitsign package enables developers to sign git commits without managing any keys or depending on PGP. Signing commits initiates an OIDC flow to authenticate using the same identity provider you use for SSO. These credentials are then used to sign the commit and store the certificate in the rekor transparency log for verification.

Signing Build Artifacts

Deploying untrusted artifacts in your production environment is akin to picking up gum off the street and deploying it to your prod environment. (Is that how the analogy works?)

If you want to protect your production environment from running untrusted or malicious container images, you can sign artifacts and store the attestations right next to your container images, in whatever registry you’re already using. Chainguard Enforce provides continuous verification for all container images running across your fleet of Kubernetes clusters with our Enforce agent, or new agent-free mode!

Build Provenance and Attestation

Build systems should be treated like production systems, which means they should provide suitable logging and attestation for everything they build.

If you’re mitigating attacks on your build system (Open Source projects take note), you’ll want to provide provenance for your builds and sign the provenance with Sigstore. Depending on the build system you’re using, you can integrate with Sigstore to sign and upload evidence of the build provenance to protect downstream users against supply chain attacks like the SolarWinds attack.

GitHub Actions, Tekton, and other build systems are capable of providing build provenance via in-toto attestations natively. However, some build systems (notably Jenkins) are widely in use and don’t have support for build provenance. For these environments, we recommend having Jenkins handle testing while the building of any production artifacts is handled by a build system that generates verifiable build attestations.

Holistic Supply Chain Security

But how do you defend against attacks on your code repository, build system, and production images? You can use Sigstore in all 3 places! This provides comprehensive protection from code commits, to build system verification, all the way to container images at runtime. Sigstore allows you to iteratively make improvements to your supply chain, meeting you where you’re at and leading you toward a trusted supply chain.

If you’d like help on your software supply chain journey, the experts at Chainguard are here to help!