Signed Images #652

Open
tnorlin opened this issue Oct 2, 2023 · 0 comments
tnorlin commented Oct 2, 2023

Software Bill of Materials (SBOM) provides insight into the components involved, a bit like a nested ingredient list, and signed images enable the user to verify that the image actually contains what it claims to.

I've noticed that other images within the Cilium project are signed by cosign and I believe it would provide good value from a security perspective to be able to validate the images, although I couldn't find such signatures from the Hubble images.

See here for more information:
https://docs.cilium.io/en/stable/configuration/verify-image-signatures/#verify-signed-container-images
cilium/cilium#21918

geakstr self-assigned this Oct 9, 2023