Skip to main content

How to sign and verify container images with Cosign

Cosign signs images keylessly and stores signatures in the registry; verifying before deploy proves provenance and integrity. Add SBOM attestations and enforce verification with an admission policy, all wired into CI.

Difficulty
Advanced
Duration
40 minutes
Steps
6

Signing and verifying images with Cosign

Cosign signs container images and stores the signatures alongside them in the registry. Verifying signatures before deployment ensures images come from a trusted pipeline and have not been tampered with. Keyless signing ties signatures to an OIDC identity, avoiding long-lived private keys.

Prerequisites

  • An image pushed to a registry.
  • Cosign installed, and a cluster for admission enforcement.

Steps

1. Install Cosign

Install the cosign binary and confirm with cosign version.

2. Sign an image keylessly

Keyless signing uses an OIDC identity and a transparency log:

cosign sign registry.example.com/myapp:1.0.0

Follow the OIDC flow; the signature is stored in the registry.

3. Verify a signature

cosign verify \
  --certificate-identity-regexp '.*' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  registry.example.com/myapp:1.0.0

In production, pin the identity and issuer to your CI exactly.

4. Add an SBOM and attestation

Attach a software bill of materials as a signed attestation so consumers can audit contents:

cosign attest --predicate sbom.json --type cyclonedx registry.example.com/myapp:1.0.0

5. Enforce verification at admission

Use a policy controller (such as Sigstore Policy Controller, Kyverno, or Connaisseur) to require valid signatures. The cluster then rejects unsigned or untrusted images.

6. Wire signing into CI

In the pipeline, build and push the image, then run cosign sign using the workflow's OIDC token so every released image is signed automatically.

Verification

Run cosign verify against a signed image and confirm it succeeds; run it against an unsigned image and confirm it fails. With the admission policy active, deploying an unsigned image should be rejected, while signed images deploy normally.

Next Steps

Enforce that images also carry SBOM and provenance attestations, pin trust to your exact CI identity, and combine signing with vulnerability scanning so only signed, scanned images reach production.

Prerequisites

  • An image in a registry
  • Cosign installed
  • A Kubernetes cluster for admission policy

Steps

  • 1
    Install Cosign
  • 2
    Sign an image keylessly
  • 3
    Verify a signature
  • 4
    Add an SBOM and attestation
  • 5
    Enforce verification at admission
  • 6
    Wire signing into CI

Category

Security