Example Policies

Policy recipes

The Sigstore Policy Controller allows users to create their own security policies that they can be enforced on Kuberenetes clusters. Here are a few example policies to help you get started.

You may also review the Sigstore Policy Controller documentation. In particular, we encourage you to review the Policy Controller documentation relating to the Admission of images to learn how to admit images through the cluster image policy.

Policy enforcing signed containers

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: signed-keyless
spec:
  images:
    # All images
    - glob: "**"
  authorities:
    - keyless:
        url: https://fulcio.sigstore.dev
      ctlog:
        url: https://rekor.sigstore.dev

Example using Chainguard Images from the Chainguard Registry:

...
  images:
    - glob: cgr.dev/chainguard/**
...

An example using Docker Hub images:

...
  images:
    - glob: "index.docker.io/*"
    - glob: "index.docker.io/*/*"
...

An example using Google Cloud Registry:

...
  images:
    - glob: gcr.io/your-image-here/*
...

Policy enforcing signer identity through an OIDC provider and subject

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: enforce-signer-oidc
spec:
  images:
    - glob: "**"
  authorities:
    - keyless:
        identities: # <<<-- REPLACE the following with your OIDC provider & subject --> #
          - issuer: https://token.actions.githubusercontent.com
            subject: https://github.com/chainguard-dev/gke-demo/.github/workflows/release.yaml@refs/heads/main

An alternate issuer and subject:

...
      - issuer: https://accounts.google.com
        subject: your-gmail@gmail.com

Policy enforcing that images have a signed SPDX SBOM attestation from a custom key

This policy asserts that all images must have a signed SPDX SBOM attestation from a custom key.

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: custom-key-attestation-sbom-spdxjson
spec:
  images:
    - glob: gcr.io/your-image-here/*
  authorities:
    - name: custom-key
      key:
        data: |
          -----BEGIN PUBLIC KEY-----
          ...
          -----END PUBLIC KEY-----
      attestations:
        - name: must-have-spdxjson
          predicateType: spdxjson
          policy:
            type: cue
            data: |
              predicateType: "https://spdx.dev/Document"

Set the POLICY and IMAGES environment variables appropriately, pointing to the sample policy and the image you would like to test.

POLICY="policies/custom-key-attestation-sbom-spdxjson.yaml"

Generate an SPDX SBOM, then attach the SBOM to your image:

cosign attest --type spdxjson

Next, sign it with a private key (for example, one located in a keys directory as in keys/cosign.key).

export COSIGN_PASSWORD=""

cosign attest --yes --type spdxjson \
  --predicate sboms/example.spdx.json \
  --key keys/cosign.key \
  "${IMAGE}"

Policy enforcing that releases are signed by GitHub Actions

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: image-is-signed-by-github-actions
spec:
  images:
    # This is the release v0.3.0
    - glob: "gcr.io/projectsigstore/policy-webhook@sha256:d1e7af59381793687db4673277005276eb73a06cf555503138dd18eaa1ca47d6"
  authorities:
    - keyless:
        # Signed by Fulcio
        url: https://fulcio.sigstore.dev
        identities:
          # Matches the Github Actions OIDC issuer
          - issuer: https://token.actions.githubusercontent.com
            # Matches a specific GitHub workflow on main branch. Here we use the
            # Sigstore policy controller example testing workflow as an example.
            subject: "https://github.com/sigstore/policy-controller/.github/workflows/release.yaml@refs/tags/v0.3.0"

Policy allowing trusted GKE images

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: gke-trusted
spec:
  images:
    - glob: gke.gcr.io/**
    - glob: gcr.io/gke-release/*
  authorities:
    - static:
        action: pass

Enforce that cert-manager is signed

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: certmanager-signed
spec:
  images:
    - glob: quay.io/jetstack/cert-manager-*
  authorities:
    - key:
        data: |
          -----BEGIN PUBLIC KEY-----
          MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsZZKaaIRjOpzbiWYIDKO
          yry9XGBqAfve1iOGmt5VO1jpjNoEseT6zewozHfWTM7osxayy2WjN8G+QV39MlT3
          Vxo91/31g+Zcq8KcvxG+iB8GRaD9pNgLmghorv+eYDiPYMO/+fhsLImyG5WEoPct
          MeCBD7umZ/A2t96U9DQxVDqQbTHlsNludno1p1wsgRnfUM3QHexNljDvJg5FcDMo
          dCpVLpRNvbw0lbJVfybJ4siJ5o/MmXzy0QCJpw+yMIqvqMc8qgKJ1yooJtuTVF4t
          4/luP+EG/oVIiSWCFeRMqYdbJ3R+CJi+4LN7vFNYQM1Q/NwOB52RteaR7wnqmcBz
          qSYK32MM8xdPCQ5tioWwnPTRbPZuzsZsRmJsKBO9JUrBYdDntZX1xY5g4QNSufxi
          QgJgJSU7E4VGMvagEzB1JzvOr6A/qNFCO1Z6JsA3jw3cJLV1rSHfxqfSXBACTLDf
          6bOPWRILRKydTJA6uLKNKmo1/nFm3jvd5tHKOjy4VAQLJ/Vx9wBsAAiLa+06veun
          Oz3AJ9sNh3wLp21RL11u9TuOKRBipE/TYsBYp8jpIyWPXDSV+JcD/TZqoT8y0Z6S
          0damfUmspuK9DTQFL2crpeaqJSG9RA+OuPZLxGD1IMURTsPJB7kXhPtmceeirBnw
          sVcRHHDitVt8oO/x4Wus1c0CAwEAAQ==
          -----END PUBLIC KEY-----
        hashAlgorithm: sha512

Enforce that Chainguard agent is signed

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: chainguard-agent-is-signed
spec:
  images:
    - glob: us.gcr.io/prod-enforce-fabc/**
  authorities:
    - ctlog:
        url: https://rekor.sigstore.dev
      keyless:
        identities:
          - issuer: https://token.actions.githubusercontent.com
            subject: https://github.com/chainguard-dev/mono/.github/workflows/.release-drop.yaml@refs/heads/main
          - issuer: https://token.actions.githubusercontent.com
            subject: https://github.com/chainguard-dev/mono/.github/workflows/.build-drop.yaml@refs/heads/main
        url: https://fulcio.sigstore.dev

Enforce that Google’s distroless images are signed

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: google-distroless-signed
spec:
  images:
    - glob: gcr.io/distroless/static*
  authorities:
    - ctlog:
        url: https://rekor.sigstore.dev
      keyless:
        identities:
          - issuer: https://accounts.google.com
            subject: keyless@distroless.iam.gserviceaccount.com
        url: https://fulcio.sigstore.dev

Enforce that Istio images are signed

apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
  name: istio-signed
spec:
  images:
    - glob: index.docker.io/istio/*
  authorities:
    - key:
        data: |
          -----BEGIN PUBLIC KEY-----
          MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEej5bv2n2vOecKineYGWwq1WaQa7C
          7HTEVN+BkNI4D1+66ufzn1eGTrbaC9dceJqCAkhp37vMxhWOrGufpBUokg==
          -----END PUBLIC KEY-----

Last updated: 2024-08-19 15:56