How to sign and verify container images with Cosign
Cosign signs images keylessly and stores signatures in the registry; verifying before deploy proves provenance and integrity. Add SBOM attestations and enforce verification with an admission policy, all wired into CI.
Signing and verifying images with Cosign
Cosign signs container images and stores the signatures alongside them in the registry. Verifying signatures before deployment ensures images come from a trusted pipeline and have not been tampered with. Keyless signing ties signatures to an OIDC identity, avoiding long-lived private keys.
Prerequisites
- An image pushed to a registry.
- Cosign installed, and a cluster for admission enforcement.
Steps
1. Install Cosign
Install the cosign binary and confirm with cosign version.
2. Sign an image keylessly
Keyless signing uses an OIDC identity and a transparency log:
cosign sign registry.example.com/myapp:1.0.0
Follow the OIDC flow; the signature is stored in the registry.
3. Verify a signature
cosign verify \
--certificate-identity-regexp '.*' \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
registry.example.com/myapp:1.0.0
In production, pin the identity and issuer to your CI exactly.
4. Add an SBOM and attestation
Attach a software bill of materials as a signed attestation so consumers can audit contents:
cosign attest --predicate sbom.json --type cyclonedx registry.example.com/myapp:1.0.0
5. Enforce verification at admission
Use a policy controller (such as Sigstore Policy Controller, Kyverno, or Connaisseur) to require valid signatures. The cluster then rejects unsigned or untrusted images.
6. Wire signing into CI
In the pipeline, build and push the image, then run cosign sign using the workflow's OIDC token so every released image is signed automatically.
Verification
Run cosign verify against a signed image and confirm it succeeds; run it against an unsigned image and confirm it fails. With the admission policy active, deploying an unsigned image should be rejected, while signed images deploy normally.
Next Steps
Enforce that images also carry SBOM and provenance attestations, pin trust to your exact CI identity, and combine signing with vulnerability scanning so only signed, scanned images reach production.
Prerequisites
- An image in a registry
- Cosign installed
- A Kubernetes cluster for admission policy
Steps
- 1Install Cosign
- 2Sign an image keylessly
- 3Verify a signature
- 4Add an SBOM and attestation
- 5Enforce verification at admission
- 6Wire signing into CI